Researcher Bypasses Android Lock Screen - ThreatWire
Added 2022-11-16 19:02:43 +0000 UTC. By Shannon Morse.
A security researcher ran across a vulnerability on Android Pixel phones that could allow an attacker to easily bypass the lock screen in just a few steps. This is how it works: the attacker inputs the wrong fingerprint three times, which disables the biometric authentication option. After this, they hot-swap in an attacker-owned SIM card on which they have previously set a PIN code. They enter that PIN code incorrectly three times, which locks the SIM card. The Pixel then asks for the SIM's Personal Unlocking Key, or PUK code, which is an 8-digit number. They can then enter a new PIN code for their SIM, and the smartphone automatically unlocks to the home screen.
In essence, this is purposeful brute forcing done with the intention of getting it wrong, in order to bypass the lock screen. The only preparation an attacker needs is to set up their own SIM card with a PIN and make sure they know its PUK code.
David Schutz reported the issue to Google back in June of 2022, and it was fixed in the November 2022 Android patch. It is tracked as CVE-2022-20465 and is classified as an incorrect system state. Obviously an attacker would need physical access to the Android phone in order to hot-swap the SIM card, meaning they would need to remove the old SIM card and insert their own while the device is on. The researcher posted a video demoing the entire process.
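To make the "incorrect system state" concrete, here is an added, simplified model of the keyguard logic (assumed behaviour, not Android's real code and not from the researcher's write-up): in the vulnerable variant a successful PUK reset dismisses the whole keyguard, while the corrected variant only clears the SIM layer and re-checks whether the device's own lock was ever satisfied.

```python
"""Toy keyguard state machine for the Pixel lock screen bypass described
above. Assumed model for illustration only; it does not reproduce any
real Android class or method."""
from dataclasses import dataclass


@dataclass
class Keyguard:
    device_lock_satisfied: bool = False  # user's PIN/pattern/biometric passed?
    sim_pin_required: bool = True        # the inserted SIM has a PIN set
    sim_locked_by_puk: bool = False      # three wrong SIM PINs -> PUK needed
    sim_pin_failures: int = 0
    unconditional_dismiss: bool = True   # True = vulnerable behaviour
    home_screen_shown: bool = False

    def enter_sim_pin(self, correct: bool) -> None:
        """Wrong SIM PIN attempts count up; the third one locks the SIM."""
        if self.sim_locked_by_puk or not self.sim_pin_required:
            return
        if correct:
            self.sim_pin_required = False
            self._refresh()
            return
        self.sim_pin_failures += 1
        if self.sim_pin_failures >= 3:
            self.sim_locked_by_puk = True

    def enter_puk_and_new_pin(self, puk_correct: bool) -> None:
        """Correct PUK plus a new PIN clears the SIM lock."""
        if not self.sim_locked_by_puk or not puk_correct:
            return
        self.sim_locked_by_puk = False
        self.sim_pin_required = False
        if self.unconditional_dismiss:
            # Bug: the SIM layer going away is treated as "keyguard done",
            # even though the device lock was never satisfied.
            self.home_screen_shown = True
        else:
            self._refresh()

    def _refresh(self) -> None:
        """Fixed logic: home is shown only when every layer is satisfied."""
        self.home_screen_shown = (self.device_lock_satisfied
                                  and not self.sim_pin_required)


def simulate(vulnerable: bool, device_lock_satisfied: bool = False) -> bool:
    """Replay the attacker-SIM flow and report whether home is reached."""
    kg = Keyguard(unconditional_dismiss=vulnerable,
                  device_lock_satisfied=device_lock_satisfied)
    for _ in range(3):
        kg.enter_sim_pin(correct=False)   # deliberately wrong, three times
    kg.enter_puk_and_new_pin(puk_correct=True)
    return kg.home_screen_shown
```

`simulate(True)` reaches the home screen without the device lock ever being satisfied; `simulate(False)` does not, while a legitimate user who did unlock the device still gets through after the same SIM reset.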
Google awarded Schutz $70,000 for finding and reporting this vulnerability. It affects Android 10, 11, 12, and 13, and was originally tested on a Pixel 5 and a Pixel 6. From your Pixel phone, go to your system settings and check for updates; the patch was released in early November.
LINKS:
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypass/
https://thehackernews.com/2022/11/hacker-rewarded-70000-for-finding-way.html