A new iPhone lockscreen exploit has been discovered in iOS 12.1

Apple may have only released the iOS 12.1 update this week, but researchers have already discovered a security flaw that could allow anyone to access contacts on a locked iPhone.

Spanish security expert Jose Rodriguez was the first to spot the exploit (via Hacker News), and did so a matter of hours after the release of the software update.

Read more: Best VPN

The issue, it appears, lies within Group FaceTime, which was introduced to the iPhone with the latest version of iOS, and let’s you video call up to 32 people at once.

An attacker, it should be noted, would need physical access to the target iPhone.

To trigger the exploit, they would first need to call the target iPhone from another iPhone. Then, on the target iPhone, they can simply tap the FaceTime icon, then hit ‘Add Person’ and the + icon.

Doing this opens up access to the target iPhone’s entire contacts list, and an attacker can view more information about individual contacts with the aid of 3D Touch.

The video embedded below shows the hack in action.

According to Hacker News, the exploit works on all iPhone models − including the iPhone X, iPhone XS and iPhone XS Max − running iOS 12.1.

The iPhone 5S, iPhone SE, iPhone 6, iPhone 6 Plus, iPhone 6S, iPhone 6S Plus, iPhone 7, iPhone 7 Plus, iPhone 8, iPhone 8 Plus and iPhone XR are also eligible for the update.

Read more: Best smartphone

Unfortunately, iPhone users will have to wait for Apple to issue a patch before they’re safe again. For now, the best thing you can do to protect yourself is not leave your iPhone lying around.

Have you been caught out by an iOS lockscreen exploit in the past? Share your experiences with us on Twitter @TrustedReviews.