A vulnerability has been discovered in certain Android operating systems, which would allow an attacker to bypass the lock screen and gain full access to a locked device. The vulnerability was discovered by the University of Texas and reported to the Android security team back in June with an update appearing this month which fixes the problem. Versions of Android affected include v 5.0 through v 5.1.1 “LMY48M”.
The attack relies on the attacker having physical access to the device and the user having a password set. The attack itself involves entering a large string of characters into the password field, while the camera app is active. By doing this the attacker is able to crash the lock screen and gain access to the home screen. At this point the device is unlocked and the attacker has full access to device, even with encryption enabled.
The attack relies on the attacker having physical access to the device and the user having a password set. The attack itself involves entering a large string of characters into the password field, while the camera app is active. By doing this the attacker is able to crash the lock screen and gain access to the home screen. At this point the device is unlocked and the attacker has full access to device, even with encryption enabled.
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
