Recently Google introduced a remote Device locking feature to its Android Device Manager to unlock a stolen or lost device. This feature was exploited
Researchers from Curesec Research Team from Germany discovered a vulnerability on Android 4.3 that allow a malicious app to remove device locks.leading to CVE 2013-6271.
The vulnerability Described here Enables any rouge app at any time to remove all existing device locks activated by a user. Curesec disc losed this vulnerability as Google Android Security Team which not responding any more about this issue.
The bug exists on the "com.android.settings.ChooseLockGeneric class". This class is used to allow the user to modify the type of lock mechanism the device shouldhave. Android implements several locks, like pin, password, gesture and even face recognition to lock and unlock a device. Before a user can change settings thesis, the device asks the user for confirmation of the previous lock.
The Curesec Research Team already notifies this vulnerabilty to Google seccurity department, they are not responded about this vulnerability.
Researchers from Curesec Research Team from Germany discovered a vulnerability on Android 4.3 that allow a malicious app to remove device locks.leading to CVE 2013-6271.
The vulnerability Described here Enables any rouge app at any time to remove all existing device locks activated by a user. Curesec disc losed this vulnerability as Google Android Security Team which not responding any more about this issue.
The bug exists on the "com.android.settings.ChooseLockGeneric class". This class is used to allow the user to modify the type of lock mechanism the device shouldhave. Android implements several locks, like pin, password, gesture and even face recognition to lock and unlock a device. Before a user can change settings thesis, the device asks the user for confirmation of the previous lock.
The Curesec Research Team already notifies this vulnerabilty to Google seccurity department, they are not responded about this vulnerability.
Nice sharing.If you need the permanent sim network unlock code for GSM phones at reasonable cost with easy step by step unlocking instructions visit the site SimpleUnlocking.com and unlock it.This is the fast and permanent unlocking method.
ReplyDelete