The researcher says it works without root or administrator privileges and without password prompts. But he's not revealing how it works to Apple because there's no money for him in its invite-only/iOS-only bounties.
The security issue of the week has arrived in iOS and OS X, and it's attracted a funky name already. The researchers called it XARA, but others had different ideas, and dubbed it "CORED." As in "Apple CORED."