[Google] Full Google/Gemini Assistant Access on Pixel Lock Screen and "Lock Down" mode

Pixel phones that have Google Assistant disabled and are in "Screen Lock" or "Lock Down" mode still allow full access to Google Assistant, or to Gemini as the assistant.

On the locked screen or in "Lock Down" mode, an unusual behaviour allows this, which I think should not be the case.

The POC steps are really simple:

1. Turn OFF Google Assistant.
2. Lock the screen or enable "Lock Down" mode.
3. Trigger Google Assistant by pressing the Lock button.
4. A popup will appear to turn ON the Google Assistant (the unusual behaviour).
5. Click on "Turn ON".

The Assistant can now perform actions based on the Google Assistant privacy settings. The major ones include fetching personal results, making phone calls (also through apps such as WhatsApp), sending messages (also through apps such as WhatsApp), and controlling devices added to the Home app, such as TVs, ACs, IP cameras and fridges.

Timeline -

Reported - 18.05.2024

Closed - 20.05.2024

"Hi! We've investigated your submission and decided not to track it as a security bug, as we're already aware of this problem.

Some background: Users of Android phones are able to configure unlocking their phone when saying OK Google. This feature is called "Voice Match" or "Trusted Voice", depending on the Android version in use. Sometimes, this setting gets enabled when setting up the Google Assistant.

Please kindly check in your phone settings if this unlocking feature is enabled. This might be under different settings depending on your Android version, phone manufacturer, or your locale settings – check your settings for "Smart Lock", "Voice match", or "Trusted Voice". For example, on a Google Pixel in Android Oreo, this should be visible under Settings > Security and Location > Trust Agents. In Samsung phones, this might be under Settings > Lock Screen and Security > Smart Lock > Trusted Voice > Unlock with Voice Match.

To keep your phone from unlocking when you say OK Google, or a closely matching phrase, please turn this feature off.

For more details, see these articles on Pixel and Google Assistant. We are aware that the voice recognition is not perfect, and that there might be various bypass methods by e.g. recording the phrase and then replaying it, or triggering certain actions in Google Assistant. You can block all of those vectors by disabling Voice Match/Trusted Voice in your settings.

If we misunderstood your report, please let us know."

Me - 21.05.2024

"As your reply stated, the Google Assistant is turned off in this POC.
The report itself shows the ability to turn on the Google Assistant when it's turned off.
The "Voice match" or "Trusted voice" is disabled in this POC.
In fact, you don't even need a voice. To prove it, turn on the keyboard as the input device preference and you can still reproduce the issue with the same steps.
In Android 14, the "Trust Agents" are also turned off and the issue is still reproducible.
Please read the report and watch the POC video."

Triaged - 25.05.2024

Closed as working as intended - 25.05.2024
