MANILA, Philippines – TechCrunch reported Thursday, July 11, the Apple Watch Walkie Talkie app was open to a vulnerability that allowed other people to listen to another person’s iPhone without consent.
The company has disabled the app while it patches the opening.
The app allows users to communicate via audio chats – recorded voice messages sent to one another, using a “push to talk” interface.
Apple released a statement to TechCrunch:
“We were just made aware of a vulnerability related to the Walkie-Talkie app on the Apple Watch and have disabled the function as we quickly fix the issue. We apologize to our customers for the inconvenience and will restore the functionality as soon as possible. Although we are not aware of any use of the vulnerability against a customer and specific conditions and sequences of events are required to exploit it, we take the security and privacy of our customers extremely seriously. We concluded that disabling the app was the right course of action as this bug could allow someone to listen through another customer’s iPhone without consent. We apologize again for this issue and the inconvenience.”
The bug was reported via the company’s vulnerability report portal, which can be found here.
The bug follows several vulnerability incidents this year including a similar eavesdropping bug that affected FaceTime’s group calling feature; and just a little more than a day earlier, a Zoom videoconferencing bug that allowed users to be added to a video call without permission. – Rappler.com