A Hungarian researcher accidentally discovered an Android vulnerability that would earn him a $70,000 reward from Google. As a result, the amount of money matters the ease of executing the error and the risk it poses allows you to bypass the mobile phone lock screen and access its content🇧🇷
The flaw in question was designated CVE-2022-20465 and was designated “high severity.” To exploit the problem, the person must have the mobile phone to be hacked and also have a SIM chip of their own.
The attacker starts off by locking the biometrics, which usually happens after many false attempts to read the fingerprint, for example. Then you just need to remove the SIM card from the mobile to be hacked and insert your own chip. After the change, the criminal deliberately bypasses the PIN until the mobile phone requests the card’s PUKnot the owner’s personalized security PIN.
The PUK code is unique to each SIM card and you can easily find it on the SIM package or by calling your carrier. After entering this code, the mobile phone allows a new PIN to be registered. Ok, hacked.
The problem has already been fixed
The flaw was discovered by David Schütz, who claimed to have found it, in a way, by accident. A similar situation happened to him while traveling with a mobile phone.
As usual, this type of failure is only announced after it has been fixed. Google fixed the issue with a patch in the November 5 update for Android 10 systems; so make sure your device is up to date.
Source: Tec Mundo
