Google has paid out $70,000 to a security researcher for privately reporting an “accidental” security bug that allowed anyone to unlock Google Pixel phones without knowing its passcode.
The lock screen bypass bug, tracked as CVE-2022-20465, is described as a local escalation of privilege bug because it allows someone, with the device in their hand, to access the device’s data without having to enter the lock screen’s passcode.
Hungary-based researcher David Schütz said the bug was remarkably simple to exploit but took Google about five months to fix.
Schütz discovered a
A simple Android lock screen bypass bug landed a researcher $70,000
![](https://xn--9ckkn2541by7i2mhgnc67gnu2h.xyz/wp-content/uploads/2020/01/2020-01-19_18h38_21.png)
コメント