A vulnerability affecting seemingly all Google Pixel phones is said to have allowed unwanted intruders to access a locked Pixel device.
According to a blog post by cybersecurity researcher David Schutz, whose bug report convinced Google to take action, the bug was patched for the Android phones in question only with the November 5, 2022 security update, about six months after he submitted his bug report.
The vulnerability, which is tracked as CVE-2022-20465, allows an attacker with physical access to bypass lock screen protections, such as a fingerprint and PIN, and gain full access to a user’s device.
How does the exploit work?
Schutz, who claimed that an earlier bug report by another researcher pointing to the problem had been ignored, said the exploit was simple and easily replicable.
It involved locking the SIM by entering the wrong PIN three times, reinserting the SIM tray, resetting the PIN by entering the SIM’s PUK code (which should come with the original packaging) and then choosing a new PIN.
Since the attacker could simply bring his own PIN-locked SIM card, only physical access was required to perform the exploit, according to Schutz.
Potential attackers can simply swap such a SIM into the victim’s device and perform the exploit using a SIM card that has a PIN lock and for which the attacker knows the correct PUK code.
To Google’s credit, despite the severity of the exploit, Schutz claims that after submitting a report detailing the vulnerability, Google attended to the exploit within 37 minutes.
Although Schutz did not provide any evidence, he hypothesized that other Android vendors may have been affected. This is certainly possible, since Android is an open source operating system.
This isn’t the first time that a security researcher has exposed serious security flaws inside Android phones.
In April 2022, Check Point Research (CPR) discovered a flaw that, if left unpatched, had the potential to make a large number of Android phones vulnerable to remote code execution. The flaw was in the audio decoders of Qualcomm and MediaTek chipsets.