Critical Android 14 and 13 Lock Screen Bug Exposes Google Account Data

by | Dec 11, 2023 | News

Critical Android 14 and 13 Lock Screen Bug Exposes Google Account Data

Post Views: 1,033

Join our Patreon Channel and Gain access to 70+ Exclusive Walkthrough Videos.

Patreon
Reading Time: 3 Minutes

A newly discovered lock screen bypass vulnerability in Android versions 14 and 13 poses a significant threat to user data stored in Google accounts. Uncovered by security researcher Jose Rodriguez (@VBarraquito), this flaw allows a malicious actor with physical access to a device to potentially access sensitive information such as photos, contacts, and browsing history.

Rodriguez had previously sought assistance on multiple platforms, questioning the possibility of opening a Google Maps link from the lock screen, indicating early signs of the issue. Despite reporting the problem to Google in May, Rodriguez asserts that, as of the end of November, there is still no confirmed date for a security update.

See Also: So, you want to be a hacker?
Offensive Security, Bug Bounty Courses

Discover your weakest link. Be proactive, not reactive. Cybercriminals need just one flaw to strike.

The impact of the exploit varies depending on the user’s installation and configuration of Google Maps, with severity escalating if the DRIVING MODE is activated.

In scenarios where DRIVING MODE is not activated, an attacker can access recent and favorite locations, contacts, and share real-time location information.

If DRIVING MODE is activated, the potential consequences include unauthorized access to photos, the ability to publish or use them as a profile image, and extensive access to Google account information and configurations.

Trending: Necurs: Uncovering the Sophisticated Botnet




Trending: Recon Tool: ReconSpider

Rodriguez encourages Android users to test their phones for the screen lock bypass vulnerability and share their feedback, specifying the Android version and device model for better assessment and awareness.

Trending: Kali Linux 2023.4 Release with Cloud ARM64, Raspberry Pi 5 Support, and New Tools

Are u a security researcher? Or a company that writes articles or write ups about Cyber Security, Offensive Security (related to information security in general) that match with our specific audience and is worth sharing?

If you want to express your idea in an article contact us here for a quote: [email protected]

Source: securityaffairs.com

Source Link

Merch

Recent News

Offensive Security & Ethical Hacking Course

Begin the learning curve of hacking now!

Information Security Solutions

Find out how Pentesting Services can help you.

Join our Community

Share This