Bypassing PIN Authentication on TCL Alcatel Cingular Flip 2 B9HUAH1 Devices

Bypassing PIN Authentication on TCL Alcatel Cingular Flip 2 B9HUAH1 Devices

CVE-2019-16241 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can be bypassed by creating a special file within the /data/local/tmp/ directory. The System application that implements the lock screen checks for the existence of a specific file and disables PIN authentication if it exists. This file would typically be created via Android Debug Bridge (adb) over USB.

Learn more about our Cis Benchmark Audit For Google Android.