Google Pixel Bug That Allowed Bypassing the Lock Screen Fixed With November Update

The Android security flaw was spotted by researcher David Schütz.

Written by Siddhant Chandra, Edited by David Delima | Updated: 11 November 2022 14:31 IST

Google Pixel Bug That Allowed Bypassing the Lock Screen Fixed With November Update

Photo Credit: Google

Schütz demonstrated the error on the Pixel 6, which requires swapping out the SIM card

Highlights

Google rewarded David Schütz with $70,000 for reporting the bug
The flaw required physical access to the Pixel smartphone
Google marked it as a high severity system issue in November patch

Google Pixel phones were recently updated with a fix for a security flaw that allowed a user to bypass the lock screen, after it was reported by a security researcher. The company announced earlier this week that it had begun globally rolling out the November Android update for the Pixel smartphones running on Android 13. This update will be made available to Pixel users gradually over the next few weeks. Apart from bringing fixes and improvements, this update also includes the November 2022 Android security patch, which includes a bug fix that resolves a security issue that allows people to bypass the lock screen using a SIM card.

Security researcher David Schütz discovered a security flaw, tracked as CVE-2022-20465 in the November 2022 Android security patch update. It allowed an attacker with physical access to a Pixel smartphone to bypass lock screen security measures such as fingerprint, PIN, and pattern.

Schütz demonstrated the bug on the Pixel 6, which allowed people to bypass the biometrics by swapping out the SIM card and entering the SIM PIN incorrectly three times. The device would then ask for the Personal Unlocking Key (PUK) code.

Google Pixel 7 Pro Barely Clears JerryRigEverything Durability Test

Entering the PUK code correctly, the phone would ask for a new PIN code for that SIM card. The handset would then unlock and take users to the home screen with full access to the device.

Schütz had reported this bug to Google via the Android Vulnerability Rewards Program. After waiting for a few months, he was rewarded with $70,000 (roughly Rs. 56,57,000) for spotting the security flaw. It is now [listed] in the November security patch as a High severity system issue. It has also been included in the Android Open Source Project (AOSP) version of Android 10, 11, 12, 12L, and 13.

Pixel 7 Series Offers Better Battery Life, Modem With Tensor G2 SoC: Report

As mentioned earlier, Google has started rolling out the November 2022 Android 13 update, including the November 2022 Android security patch, for Pixel 4a and newer devices. You can check for this update by going to Settings > System > System update on an eligible Pixel smartphone.

Are the Pixel 7 and 7 Pro the best in their segment? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Google Pixel 6

KEY SPECS
NEWS

Display 6.40-inch

Processor Google Tensor

Front Camera 8-megapixel

Rear Camera 50-megapixel + 12-megapixel

RAM 8GB

Storage 128GB, 256GB

Battery Capacity 4614mAh

OS Android 12

Resolution 1080x2400 pixels

More Google mobiles Google mobiles price in India

Google Pixel 4a

REVIEW
KEY SPECS
NEWS

Design
Display
Software
Performance
Battery Life
Camera
Value for Money

Good
Reliable camera performance
Lean software with guaranteed updates
Stereo speakers
Vivid OLED display
Light, built well

Bad
Relatively low battery capacity
No ultra-wide camera

Read detailed Google Pixel 4a review

Display 5.81-inch

Processor Qualcomm Snapdragon 730G

Front Camera 8-megapixel

Rear Camera 12.2-megapixel

RAM 6GB

Storage 128GB

Battery Capacity 3140mAh

OS Android 10

Resolution 1080x2340 pixels

More Google mobiles Google mobiles price in India

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.