November 11 (Portaltic/EP) –
A bug present in android system It allows unlock a smartphone pixel only with change sim cardsince the error Sets all security screens completed when starting the mobile, after blocking the PIN code and entering the PUK code.
As detailed the security expert David Schutzwho discovered this Android vulnerability through his own Google Pixel 6, to unlock the phone it is necessary to change the SIM of the ‘smartphone’ for another SIM for which the PUK code is known.
In this sense, the error starts when trying to start mobile phone after having changed sim cards. Once the wrong PIN code has been entered three times, it continues entering the PUK code. After that, a new PIN is chosen and the phone automatically displays the home screen.
“It’s the most shocking vulnerability that I have found so far”, explained Schütz, who warns that it is especially dangerous given that with having physical access to the mobile, anyone could unlock it without knowing passwords and jumping the barriers of biometric recognition.
Also, after doing this process several times on his ‘smartphone’, the security expert assures that tried this pattern on other models from Google Pixel where he returned to happen the same.
However, this vulnerability CVE-2022-20465 has already been corrected in the Android November security patch. In this sense, as reported by Google, what happened was that when the PUK code was entered, the system understood that the security screens behind it had been completed. Therefore, it Skip the fingerprint, pattern or password to unlock the phone.
