25
Mar
xperia-z-group-black

You'd think the concept of a lockscreen would be simple. It, you know, locks the phone. Several OEMs have still ended up with bugs that allow users to get around the lockscreen completely. The newest such vulnerability has been discovered in Sony's flagship, the Xperia Z. Just a few simple steps, and anyone can gain full access to the device.

In the video, you can see one Scott Reed demonstrating the problem. By pulling up the emergency dialer from the lockscreen you can enter the USSD code *#*#7378423#*#*. That code opens up the device's services menu. From there, it's a simple matter of triggering the NFC Diag Test, which allows you to press the home button and actually get to the homescreen. The problem is not that the services menu is accessible, but that pressing the home button sends the user to the homescreen and not back to the lockscreen. The device is completely unlocked at this point. The only thing an intruder wouldn't be able to do is disable the PIN or pattern lock completely.

It's a pretty serious flaw, but it's not likely Xperia Z owners will encounter a lot of people that know this little trick. Sony recently sent out a fix for the random death bug some users were experiencing, but this issue was not known at the time. Looks like Sony has more work to do.

[GSM Arena]

Ryan Whitwam
Ryan is a tech/science writer, skeptic, lover of all things electronic, and Android fan. In his spare time he reads golden-age sci-fi and sleeps, but rarely at the same time. His wife tolerates him as few would.

  • Bryce Mrozinski

    Does anyone in the US even have this phone??

  • http://www.facebook.com/johnny.garcia.779 Johnny Garcia

    1st my bicthes (;

    • erectus

      First descendant of ancient man?
      With that Neanderthal forehead? lol

    • squiddy20

      Congratulations. Want a cookie?

  • SquiZoe

    Funny thing is you cant use ur homebutton anymore.. at least I cant after trying going through this procedure...

  • http://www.facebook.com/krystal.moore.16 Krystal Moore

    But my questions is...HOW WOULD ANYONE KNOW THAT? Do they just punch in random buttons and figure stuff out? :P

  • chris125

    Can't any of these companies get the lock screen right? I mean first apple, then samsung, now sony. Come on!

  • ThanksDude

    I record all my Youtube videos in portrait mode while in a helicopter.

  • http://twitter.com/Gehim Rehan Ahmed

    Tomorrow's headlines, "Apple sues Sony for having a bug in the lockscreen because Apple had the same bug a few days ago."

  • idi

    This doesn't seem to happen on mine. I cant get to the services menu from the lock screen

  • Zviki

    Well,secret services need some access to your data

  • And

    Bug is also there on Xperia V, so propably on T, TX, S etc. also

  • aw3som3

    uh... that is not a 'security flaw'. it's 'breaking into someone's device' such as 'breaking into someone's home' is also not a 'security flaw' of their front door or window broken...

  • aw3som3

    that's like saying: oh, hey, look! your home has a security flaw! as you throw a brick through their winder.. yer stupid. that's all.

  • bonesnatch

    It also works on Xperia GO