Critical Android Lock‑Screen Race Condition Lets Malware Bypass 12‑13 Security

A new critical flaw uncovered by Malwarebytes involves a race condition in Android’s UI handling code. The bug allows a malicious app to take control of the lock‑screen workflow on unmodified devices running Android 12 or 13, bypassing PIN, password, or biometric protection in under a minute after the app is installed. No root privileges or custom ROMs are required, making the attack viable on a wide range of consumer and enterprise phones.

Defenders must treat this as an immediate priority because the bypass grants attackers full device access, enabling data theft, credential harvesting, and lateral movement within corporate networks. Mitigations include accelerating vendor patches, enforcing strict app‑installation controls (e.g., whitelist/MDM policies), monitoring for abnormal UI‑related system calls, and deploying endpoint detection that flags rapid lock‑screen state changes. Until patches are broadly deployed, limiting the installation of unknown apps and enforcing encrypted storage are essential stop‑gap measures.
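The detection idea above (flagging rapid lock‑screen state changes, and unlocks that follow a fresh install) can be sketched as a small correlation rule. This is an added example, not code from Malwarebytes or the original article; the event schema, field names and all thresholds except the one‑minute install window are assumptions.

```python
from collections import defaultdict, deque

# Constructed, normalized telemetry: (epoch_seconds, device_id, event, detail).
# The schema is hypothetical, not a real Android or MDM log format.
EVENTS = [
    (1000, "dev-a", "package_installed", "com.example.notes"),
    (1012, "dev-a", "lock_state", "locked"),
    (1013, "dev-a", "lock_state", "unlocked"),
    (1014, "dev-a", "lock_state", "locked"),
    (1015, "dev-a", "lock_state", "unlocked"),
    (2000, "dev-b", "package_installed", "com.example.maps"),
    (2030, "dev-b", "auth_success", "pin"),
    (2031, "dev-b", "lock_state", "unlocked"),
    (5000, "dev-b", "lock_state", "locked"),
]

INSTALL_WINDOW = 60  # seconds; the page puts the bypass "under a minute" after install
AUTH_GRACE = 5       # assumed: an unlock should follow a credential check this closely
BURST_WINDOW = 10    # assumed threshold for "rapid" lock-screen state changes
BURST_COUNT = 3      # assumed number of transitions inside BURST_WINDOW

def detect(events):
    """Return (rule, device, timestamp, recently_installed_package) alerts."""
    last_install, last_auth = {}, {}
    changes = defaultdict(deque)
    alerts = []
    for ts, dev, event, detail in sorted(events):
        if event == "package_installed":
            last_install[dev] = (ts, detail)
        elif event == "auth_success":
            last_auth[dev] = ts
        elif event == "lock_state":
            inst_ts, pkg = last_install.get(dev, (None, None))
            if inst_ts is None or ts - inst_ts > INSTALL_WINDOW:
                pkg = None
            # Rule 1: unlock soon after an install with no preceding credential check.
            authed = dev in last_auth and 0 <= ts - last_auth[dev] <= AUTH_GRACE
            if detail == "unlocked" and pkg and not authed:
                alerts.append(("unlock_without_auth", dev, ts, pkg))
            # Rule 2: burst of lock-state transitions inside a short sliding window.
            window = changes[dev]
            window.append(ts)
            while ts - window[0] > BURST_WINDOW:
                window.popleft()
            if len(window) >= BURST_COUNT:
                alerts.append(("lock_state_burst", dev, ts, pkg))
                window.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect(EVENTS):
        print(alert)
```

On the constructed data, `dev-a` raises both rules while `dev-b`, which unlocks after a PIN check, raises none.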

Categories: Vulnerabilities & Exploits, Identity & Access Management