Google Pixel Bug That Allowed Bypassing the Lock Screen Fixed With November Update
The Android security flaw was spotted by researcher David Schütz.
Advertisement
Highlights
- Google rewarded David Schütz with $70,000 for reporting the bug
- The flaw required physical access to the Pixel smartphone
- Google marked it as a high severity system issue in November patch
Schütz demonstrated the error on the Pixel 6, which requires swapping out the SIM card
Photo Credit: Google
Google Pixel phones were recently updated with a fix for a security flaw that allowed a user to bypass the lock screen, after it was reported by a security researcher. The company announced earlier this week that it had begun globally rolling out the November Android update for the Pixel smartphones running on Android 13. This update will be made available to Pixel users gradually over the next few weeks. Apart from bringing fixes and improvements, this update also includes the November 2022 Android security patch, which includes a bug fix that resolves a security issue that allows people to bypass the lock screen using a SIM card.
Security researcher David Schütz discovered a security flaw, tracked as CVE-2022-20465 in the November 2022 Android security patch update. It allowed an attacker with physical access to a Pixel smartphone to bypass lock screen security measures such as fingerprint, PIN, and pattern.
Schütz demonstrated the bug on the Pixel 6, which allowed people to bypass the biometrics by swapping out the SIM card and entering the SIM PIN incorrectly three times. The device would then ask for the Personal Unlocking Key (PUK) code.
Entering the PUK code correctly, the phone would ask for a new PIN code for that SIM card. The handset would then unlock and take users to the home screen with full access to the device.
Advertisement
Schütz had reported this bug to Google via the Android Vulnerability Rewards Program. After waiting for a few months, he was rewarded with $70,000 (roughly Rs. 56,57,000) for spotting the security flaw. It is now [listed] in the November security patch as a High severity system issue. It has also been included in the Android Open Source Project (AOSP) version of Android 10, 11, 12, 12L, and 13.
As mentioned earlier, Google has started rolling out the November 2022 Android 13 update, including the November 2022 Android security patch, for Pixel 4a and newer devices. You can check for this update by going to Settings > System > System update on an eligible Pixel smartphone.
Are the Pixel 7 and 7 Pro the best in their segment? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
REVIEW
- Good
- Reliable camera performance
- Lean software with guaranteed updates
- Stereo speakers
- Vivid OLED display
- Light, built well
- Bad
- Relatively low battery capacity
- No ultra-wide camera
Read detailed Google Pixel 4a review
KEY SPECS
Display 5.81-inch
Processor Qualcomm Snapdragon 730G
Front Camera 8-megapixel
Rear Camera 12.2-megapixel
RAM 6GB
Storage 128GB
Battery Capacity 3140mAh
OS Android 10
Resolution 1080x2340 pixels
NEWS
For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.
Advertisement