Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:ADB5A2D7B394DF8595245F7B84B813E9
HistoryNov 10, 2022 - 3:07 p.m.

Hacker Rewarded $70,000 for Finding Way to Bypass Google Pixel Phones' Lock Screens

2022-11-1015:07:00
The Hacker News
thehackernews.com
44
google
pixel smartphones
lock screen bypass
cve-2022-20465
security researcher
david schütz
android update

0.0005 Low

EPSS

Percentile

16.1%

JSON

Google Pixel Phones

Google has resolved a high-severity security issue affecting all Pixel smartphones that could be trivially exploited to unlock the devices.

The vulnerability, tracked as CVE-2022-20465 and reported by security researcher David Schütz in June 2022, was remediated as part of the search giant’s monthly Android update for November 2022.

“The issue allowed an attacker with physical access to bypass the lock screen protections (fingerprint, PIN, etc.) and gain complete access to the user’s device,” Schütz, who was awarded $70,000 for the lock screen bypass, said in a write-up of the flaw.

The problem, per the researcher, is rooted in the fact that lock screen protections are completely defeated when following a specific sequence of steps -

  • Supply incorrect fingerprint three times to disable biometric authentication on the locked device
  • Hot swap the SIM card in the device with an attacker-controlled SIM that has a PIN code set up
  • Enter incorrect SIM pin thrice when prompted, locking the SIM card
  • Device prompts user to enter the SIM’s Personal Unlocking Key (PUK) code, a unique 8-digit number to unblock the SIM card
  • Enter a new PIN code for the attacker-controlled SIM
  • Device automatically unlocks

This also means that all an adversary needs to unlock a Pixel phone is to bring their own PIN-locked SIM card and is in possession of the card’s PUK code.

“The attacker could just swap the SIM in the victim’s device, and perform the exploit with a SIM card that had a PIN lock and for which the attacker knew the correct PUK code,” Schütz said.

An analysis of the source code commits made by Google to patch the flaw shows that it’s caused by an “incorrect system state” introduced as a result of wrongly interpreting the SIM change event, causing it to entirely dismiss the lock screen.

“I was not expecting to cause this big of a code change in Android with this bug,” Schütz concluded.

Found this article interesting? Follow THN on Facebook, Twitter and LinkedIn to read more exclusive content we post.

Related

talosblog 1
prion 1
osv 1
cve 1
cvelist 1
nvd 1
talosblog
talosblog
Threat Source newsletter (Nov. 17, 2022): Hot off the press! The Snort 2023 Calendar is here
2022-11-17 19:01:43
prion
prion
Design/Logic Flaw
2022-11-08 22:15:00
osv
osv
Unlocking SIM PUK result in unlocking phone directly
2022-11-01 00:00:00
cve
cve
CVE-2022-20465
2022-11-08 22:15:11
cvelist
cvelist
CVE-2022-20465
2022-11-08 00:00:00
nvd
nvd
CVE-2022-20465
2022-11-08 22:15:11

0.0005 Low

EPSS

Percentile

16.1%

JSON
Related for THN:ADB5A2D7B394DF8595245F7B84B813E9
talosblog1prion1osv1cve1cvelist1nvd1