iOS 13 contains a vulnerability that could allow anyone to bypass the lockscreen protection on your iPhone and access some sensitive information.
It involves activating a FaceTime call and then accessing the voiceover feature from Siri to enable access to the contact list. You can then obtain email addresses, phone numbers, address information, and more from the list of contacts.
We have confirmed and tested that the bypass procedure works on the iOS 13 GM running on an iPhone X. You’re not able to access photos, though. Naturally, this requires physical access to an iPhone and some time to initiate a FaceTime call and enable voiceover.
However, more likely, Apple will patch this issue in the iOS 13.1 release, which is expected to arrive for the public on September 30. So all users should patch their iPhones by the end of the month.
Until then iPhone users are recommended to not leave their phone unattended, at least in public and workplaces.