Accidental $70k Google Pixel Lock Screen BypassI found a vulnerability affecting seemingly all Google Pixel phones where if you gave me any locked Pixel device, I could give it back to you unlocked. The bug just got fixed in the November 5, 2022 security update.
The issue allowed an attacker with physical access to bypass the lock screen protections (fingerprint, PIN, etc.) and gain complete access to the user’s device. The vulnerability is tracked as CVE-2022-20465 and it might affect other Android vendors as well. You can find my patch advisory and the raw bug report I have sent to Google at feed.bugs.xdavidhu.me.
https://bugs.xdavidhu.me/google/2022/11/10/accidental-70k-google-pixel-lock-screen-bypassCaptainDivano 657 points 13 hours ago
So they told you it was a duplicated report and didn't intended to pay you, so you pressured them with the October's disclosure and they paid you 70k to shut up, right?
jk jk, congrats man
https://old.reddit.com/r/programming/comments/yreblh/accidental_70k_google_pixel_lock_screen_bypass