Gemini Lock Screen Bypass Bug in Android

PromptCube3.com Novice 9h ago 161 views 11 likes 1 min read

via iframe (www.youtube.com)
Key points
  • A vulnerability in Android allows Gemini to send texts and modify app permissions without a PIN on the lock screen.

  • The bypass occurs by quickly clicking "Add attachment" while the system prompts for authentication.

  • Google has acknowledged the issue, which was flagged as an "known issue" in Android 16.
  • This is a classic example of how adding "convenience" layers—like AI assistants—can inadvertently create security holes. The fact that a simple timing trick (clicking a button during a prompt) can bypass a PIN is frustrating, but it's a reminder that the attack surface of our phones is growing.

    What's particularly concerning here isn't just the SMS capability, but the ability for the AI to toggle permissions for other apps like WhatsApp. It shows that Gemini has deep system hooks that aren't always perfectly gated. While this requires physical access to the device, it's a wake-up call for anyone relying solely on a lock screen for privacy. Until the patch rolls out, disabling assistant access on the lock screen is the only real safeguard. It's a step backward for UX, but a necessary one for security.

    Google

    All Replies (0)

    No replies yet — be the first!

    Write a Reply

    Markdown supported