Apple has acknowledged a flaw in its FaceTime software that allowed for brief eavesdropping - even if the recipient did not pick up.
In some cases the target iPhone would send video, probably without the receiver's knowledge.
The company said it had developed a fix and an update would be rolled out.
The flaw, first revealed by the 9to5Mac blog, appears to occur when both users are running version 12.1 of Apple's mobile operating system, or newer.
The technique involves using the software's group chat function, apparently confusing the software into activating the target's microphone, even if the call had not been accepted.
The eavesdropping ends when the call is cut after too many rings.
Apple said the update would be rolled out this week.
'National Privacy Day'
In addition to audio, 9to5Mac reported that pressing buttons to block the call or turn off the device would result in video being sent to the call maker, without the recipient's knowledge.
In a statement, Apple told journalists: "We're aware of this issue and we have identified a fix that will be released in a software update later this week."
On social media, concerned users - including Twitter chief executive Jack Dorsey - suggested disabling the FaceTime function altogether, which can be done via the device's settings menu.
Discovery of the flaw coincided with "National Privacy Day" in the US, a day heralded by Apple boss Tim Cook.
"On this #DataPrivacyDay let us all insist on action and reform for vital privacy protections," he wrote on Twitter.
"The dangers are real and the consequences are too important."
Apple also recently made a big play of its privacy credentials at the recent Consumer Electronics Show in Las Vegas.
The company did not attend but placed a billboard near the event, reading: "What happens on your iPhone, stays on your iPhone."