Hacker discovers lock screen bypass bug that affects all Google Pixels

Rita El Khoury / Android Authority

TL;DR

  • A hacker found a bug that reportedly affects all Google Pixel phones.
  • The bug allows anyone who knows the exploit to sidestep the lock screen.
  • The problem was fixed in November’s security update.

The last thing anyone wants is for a stranger to gain access to your phone. It’s the whole reason we all go through the trouble of setting up lock screens. But what if there was a bug that allowed someone to bypass your lock screen? A hacker found exactly that and it’s something that reportedly affects all Google Pixel phones.

There are malicious hackers and ethical hackers, while the former hacks for malicious reasons, the latter hacks to help make things more secure. Ethical hacker, David Schutz, happened to come across a troubling bug by chance after his Pixel 6 died as he was sending a text.

In a blog post, Schutz explains that after he charged up his phone and turned it on, the phone asked for his SIM card’s PIN code to unlock the device. After getting the code wrong three times, the SIM card locked and the phone asked for the PUK code instead. When he entered the PUK code, the device asked him to set up a new PIN code.

When all of that was done, he was finally taken to the lock screen, but he noticed that something wasn’t right.

It was a fresh boot, and instead of the usual lock icon, the fingerprint icon was showing. It accepted my finger, which should not happen, since after a reboot, you must enter the lock screen PIN or password at least once to decrypt the device. After accepting my finger, it got stuck on a weird “Pixel is starting…” message, and stayed there until I rebooted it again.

This incident encouraged Schutz to look into the matter further. After reproducing to situation a few times, he realized he stumbled upon something that would allow someone to easily bypass the lock screen. All that was needed was physical access to the phone, a locked SIM card, and a tool to eject the SIM card tray.

Below, you can see a video of Schutz reproducing the security flaw.

Schutz says that after he confirmed the vulnerability on the Pixel 6, he then proceeded to try the exploit on a Pixel 5. Sure enough, it worked on that phone as well. Following the discovery, he then contacted Google about the issue. If he was the first to send in this report, he would’ve earned a $100K bounty, but Schutz says he was the second person to report the bug.

However, the hacker still ended up getting $70K, as it was his report that got Google to start working on a fix. The vulnerability (CVE-2022-20465) that is said to affect all Pixel phones has now been fixed with the latest security patch that arrived on November 5, 2022.

To fix this issue on your Pixel, you just have to update your phone with November’s security patch. You can do that by heading over to Settings and scrolling down to System. When you go into System, tap on System update and hit the Check for update button.

Leave a Comment

Your email address will not be published.