The file is unencrypted and can be modified by an attacker. When the passcode is modified, all System settings are reset back to factory defaults, causing the device to lose all data and settings. This can be exploited to remotely access the device and control it.
The passcode can be modified via local access, via SSH or via remote access. An attacker can find the passcode in the System settings. The passcode consists of five digits, which will be visible in the System settings.
An attacker can modify the passcode to gain remote access to the affected device. There is no easy way to reset the device to factory defaults.
Local access:
An attacker can modify the passcode via local access, which is the most common way of doing this. An attacker will find this method in System settings.
Local access
An attacker can modify the passcode by changing it on the device itself, which will change the System settings and reset all data. This can be done through local access. This is possible because the passcode is only five digits long and any digit 0 - 9 can be modified in the System settings.
Install "List of Android Devices" to check if your device is vulnerable
List of Android Devices: https://developer.android.com/reference/packages/device-check.html
Timeline
Published on: 08/29/2022 23:15:00 UTC
Last modified on: 09/02/2022 18:58:00 UTC