Google has resolved a high-severity security issue affecting all Pixel smartphones that could be trivially exploited to unlock the devices.
The vulnerability, tracked as CVE-2022-20465 and reported by security researcher David Schütz in June 2022, was remediated as part of the search giant’s monthly Android update for November 2022.
“The issue allowed an attacker with physical access to bypass the lock screen protections (fingerprint, PIN, etc.) and gain full access to the user’s device,” Schütz, who was awarded $70,000 for the lock screen bypass, said in a write-up of the flaw.
The problem, per the researcher, is rooted in the fact that lock screen protections are completely defeated when following a specific sequence of steps:
- Supply incorrect fingerprint 3 times to disable biometric authentication on the locked device
- Hot swap the SIM card in the device with an attacker-controlled SIM that has a PIN code set up
- Enter incorrect SIM PIN thrice when prompted, locking the SIM card
- Device prompts user to enter the SIM’s Personal Unlocking Key (PUK) code, a unique 8-digit number to unblock the SIM card
- Enter a new PIN code for the attacker-controlled SIM
- Device automatically unlocks
This also means that all an adversary needs to unlock a Pixel phone is to bring their own PIN-locked SIM card and be in possession of the card’s PUK code.
“The attacker could just swap the SIM in the victim’s device, and perform the exploit with a SIM card that had a PIN lock and for which the attacker knew the correct PUK code,” Schütz said.
An analysis of the source code commits made by Google to patch the flaw shows that it is caused by an “incorrect system state” introduced as a result of wrongly interpreting the SIM change event, causing it to entirely dismiss the lock screen.
“I was not expecting to cause this big of a code change in Android with this bug,” Schütz concluded.