Update: This problem appears to have been fixed in the new iOS 7.0.1 update, as tests have shown that the flaw cannot be replicated any more.
Original story below...
The flaw can be exploited using the emergency call screen that can be accessed from the lock screen. Once the phone's keypad is open, any number can be dialled by repeatedly tapping the call button.
Article continues below
After that, the call to any number, including international and premium phone numbers is completed as if the phone were unlocked.
Any number, any time
"Once the black screen appeared, it was pretty clear that this is a bug," says Daoud from Ramallah in Palestinian. "You can dial a number anywhere, any time."
He also claims to have repeated the trick on older iPhones running older versions of iOS and enjoyed further success, so it appears the problem is not confined to iOS 7.
The bug is the second security flaw uncovered within iOS 7 since its release in midweek. The first lockscreen vulnerability allowed access to the device's photos and email. However, that required a much more complex combinations of presses and swipes.
Apple says it is working on a fix for the first issue, but is yet to comment on the more recent discovery.