Android lockscreen bypass: Google patches flaw on Nexus 5X phones

Google has mounted a bug touching the Nexus 5X that allowed associate assaulter to extract info from a tool, although it had been fastened.

Google has patched a bug touching Nexus 5X phones that might have exposed info keep on handsets, although they were passcode-protected.
The security flaw was according by IBM's X-Force security team, that same the vulnerability would have allowed associate assaulter to get a full memory dump via robot correct Bridge (ADB), a command-line tool for PCs that developers will use with a USB-connected robot device.
IBM same the bug, that affects older versions of Nexus 5X's robot pictures, was "rather straightforward" to use and was thanks to a flaw within the fastboot USB interface.
"The vulnerability would have allowable associate assaulter to get a full memory dump of the Nexus 5X device, permitting sensitive info to be exfiltrated from the device while not it being unbolted," IBM notes.
Under one technique for exploiting the bug wherever the assaulter did not have physical access to the device, the hacker would 1st infect associate ADB-authorized developer's laptop with malware.
An alternative approach would are to plug a French telephone into a malicious charger, though this approach would solely achieve success against devices that had enabled ADB. Also, the target would have required to authorize the malicious charger when it had been connected.
"The assaulter reboots the phone into fastboot mode, which may be avoided any authentication. A physical assaulter will try this by pressing the volume-down button throughout device boot. associate assaulter with ADB access will try this by provision the adb revive bootloader command," IBM explained.
The fastboot mode exposed a USB interface, that successively allowed the assaulter to issue a command to crash the bootloader. In vulnerable versions of the bootloader, this crash would expose a association that enabled the assaulter to induce a full memory dump of the device.

IBM conjointly found that thanks to the bug within the bootloader, the assaulter would be ready to retrieve the device's watchword from the memory dump, permitting any attacks.