After a security researcher discovered a bug that allowed users to circumvent the lock screen, Google Pixel phones were recently updated with a fix. The business stated earlier this week that the November Android upgrade for the Pixel smartphones running Android 13 has started going out globally. Over the following weeks, Pixel users will gradually begin to receive this update. Along with repairs and enhancements, this version also includes the Android security patch for November 2022, which fixes a bug that permits users to circumvent the lock screen using a SIM card.
A security hole was found by security researcher David Schütz and recorded as CVE-2022-20465 in the Android security patch release for November 2022. It made it possible for attackers to get through lock screen security features like a fingerprint, PIN, or pattern if they had physical access to a Pixel smartphone.
When switching out the SIM card and entering the SIM PIN incorrectly three times, Schütz defeated the Pixel 6’s biometric security. The gadget would then require the Personal Unlocking Key (PUK) code.
The phone would prompt you for a new PIN code for that SIM card once you entered the PUK code correctly. The phone would then unlock, giving users access to the home screen and the entire device.
Through Google’s Android Vulnerability Rewards Program, Schütz reported this flaw. After a few months, he received $70,000 (about Rs. 56,57,000) as compensation for discovering the security hole. It is now [classified] as a High severity system problem in the November security patch. Additionally, it has been incorporated into Android 10, 11, 12, 12L, and 13’s AOSP (Android Open Source Project) versions.
For Pixel 4a and newer smartphones, Google has begun pushing out the November 2022 Android 13 update, which includes the November 2022 Android security patch. On a Pixel smartphone that qualifies, navigate to Settings > System > System update to see if this update has been released.