Proton Technologies warns of vulnerability in Apple’s iOS

Proton Technologies warns of vulnerability in Apple’s iOS

New York, 28.3.2020

Proton Technologies warns that a vulnerability in Apple’s iOS operating system prevents its Virtual Private Network app and other VPN apps from encrypting all data traffic.

Apple has not issued a patch for the vulnerability, which even affects the latest version, iOS 13.4. Apple’s mobile operating system apparently cannot close existing Internet connections, which means that the traffic that should be routed through the protected VPN tunnel is not protected.

„The VPN bypass vulnerability could result in user data being exposed if the affected connections are not themselves encrypted (although this would be unusual these days). The more common problem is IP leaks. An attacker could see the IP addresses of users and the IP addresses of the servers they connect to,“ explained
Proton in a blog post.