“White” hacker and independent information security researcher David Schütz discovered a vulnerability in Google Pixel that allows bypassing the lock screen on smartphones of this series. This has been reported by Android Authority.

Schütz discovered the vulnerability while using his own Google Pixel 6. The smartphone asked for a PIN code instead of a screen unlock code after turning it back on. After three unsuccessful attempts, the system requested the PUK code. After correctly entering a long combination of numbers, the smartphone was unlocked and allowed to use all functions.

Noting this error, Schütz decided to examine the problem more closely. The researcher recreated the failure scenario by trial and error.

If Pixel is on and the SIM card is hot swapped, the smartphone starts asking the SIM card for the PIN code instead of the screen unlock code. After three errors, the PUK code window will appear. By filling it in correctly, any user will be able to access the contents of the smartphone. So, to successfully hack someone else’s Google Pixel, an attacker would need to have access to a smartphone, a SIM card, and a special paperclip to open the tray.

Schütz discovered that the problem described above applies not only to the Google Pixel 6, but also to the Google Pixel 5. Presumably other devices in the Pixel series were also prone to simple hacking.

Specifically, Schütz publicly announced the vulnerability he found after reporting the issue to Google and waiting for Google to fix the bug. For this discovery, Google Corporation awarded the IT professional a $70,000 reward.