Join us on Telegram | Early Samsung Black Friday deals, check them out right now!

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission. Learn more.

Nasty vulnerability shows Galaxy phones can be safer than Google Pixels

Firmware
By 

Last updated: November 10th, 2022 at 15:54 UTC+01:00

Samsung’s security patches usually come with dozens of fixes to vulnerabilities concerning Google’s Android OS and Samsung’s own software, whether it’s One UI or other components that are unique to Galaxy devices. Interestingly enough, the November 2022 security patch has addressed an Android OS security flaw that has plagued Google’s Pixel phones for a few good months. But although this fix was mentioned in Samsung’s November bulletin, Galaxy device users need not worry about it.

The vulnerability, labeled CVE-2022-20465, allowed anyone with an extra SIM card to bypass the lock screen of a Pixel 5 or Pixel 6 (at least) and unlock these phones. Indeed, it was a full-fledged lock screen bypass that didn’t require any external tools (aside from a regular SIM) or advanced hacking skills.

As demonstrated by the Pixel owner who found the issue in the video below, anyone with an extra SIM could have unlocked a Pixel phone just by hot-swapping the card, entering the wrong PIN three times, inserting the correct PUK, and then setting up a new PIN.

This lock screen bypass seemingly was never an issue for Galaxy phones

Although this massive security flaw appears to have existed for months before Google addressed it on Pixel phones with the November 2022 patch, it seemingly was never a problem for Galaxy phones. Yes, Samsung lists the vulnerability in the November 2022 bulletin, but even before this fix was released, Galaxy phones were seemingly safe from this egregious lock screen bypass flaw.

Android open-source commits show that the problem was deeply rooted in Android OS and the way the operating system deals with so-called “security screens,” whether they’re PIN entry screens, password screens, fingerprint screens, and so on. This appears to be the reason why it took Google a few good months to address the issue for Pixel phones, but it also shows that, sometimes, Samsung’s phones are more secure than Google’s devices, thanks to the Korean tech giant’s own Android skin and proprietary software.

On the bright side, Samsung devices appear to be safer than Pixels, at the very least in this one instance. Then again, finding this flaw led to a $70,000 reward for the person who helped Google. Had he used a Galaxy device, he probably would’ve remained unaware of the security flaw and never got that $70,000 reward.

In any case, if you want to be completely sure that your Galaxy device can’t be as easily unlocked through this exploit, you should download and install the November 2022 security patch on your Samsung phone as soon as it is available. So far, it rolled out for several devices, including the Galaxy Z Fold 3 and 4, the Galaxy Z Flip 3 and 4, and the US-unlocked Galaxy Note 20 series, with more to come.

Firmware GoogleNovember 2022 Security PatchPixel
Load 0 comments

You might also like

Galaxy Z Fold 4 gets stable Android 13 (One UI 5.0) update in India

Over the past week, Samsung released the stable Android 13 update to the Galaxy Z Fold 4 in South Korea and the US. Now, the update is also rolling out to the Galaxy Z Fold 4 in India. Other countries could get the update within the next few days. The stable Android 13 (One UI […]

  • By Asif Iqbal Shaik
  • 32 mins ago

Google Play Store will ask you to update apps if they crash on your Galaxy device

Google Play System updates bring a lot of improvements to all Android smartphones with Google Mobile Services. One such change that is a part of the latest November 2022 Play System update is that if an app is crashing, the phone will now prompt you to install an update to fix them. This change is […]

  • By Sagar Naresh
  • 4 hours ago

Galaxy Z Fold 3 gets stable Android 13 update, but limited to beta testers for now

The Galaxy Z Flip 4 and the Galaxy Z Fold 4 started getting the stable Android 13 update yesterday in South Korea. After releasing the fifth One UI 5.0 beta update to the Galaxy Z Flip 3 and the Galaxy Z Fold 3 last week, Samsung has released the stable Android 13 update to the […]

  • By Asif Iqbal Shaik
  • 5 hours ago

Wild rumor claims Samsung’s Exynos 2300 has a special core for One UI optimization

It has been widely reported that Samsung has ditched the Exynos 2300 in favor of the Snapdragon 8 Gen 2 for the Galaxy S23. However, there has been no official word from either Samsung or Qualcomm about the Snapdragon’s exclusivity. Some reports also claim that the Galaxy S23 will use a higher-clocked version of the […]

  • By Asif Iqbal Shaik
  • 5 hours ago

Galaxy Z Flip 4, Z Fold 4 getting stable Android 13 update

Last week, Samsung released the stable Android 13 update to the Galaxy Z Flip 4 and the Galaxy Z Fold 4, but it was limited to those units enrolled in the One UI 5.0 Beta program. Now, the company has started rolling out the stable update for everyone in certain markets. The stable Android 13 (One […]

  • By Asif Iqbal Shaik
  • 1 day ago

Galaxy S20 series gets improved security November 2022 security patch

Last week, Samsung released the stable Android 13 update to the Galaxy S20 series. However, the update did not bring the latest security patch to the smartphones. Now, one week after the previous update, Samsung has released the new update to the Galaxy S20 series with the November 2022 security patch. The latest software update […]

  • By Asif Iqbal Shaik
  • 1 day ago