Xperia Z security flaw exposed as lock screen bypassed

by XB on 25/03/2013

in Problems, Videos, Xperia Z and Xperia ZL


Xperia Z unlockIt looks like the Sony Xperia Z (C660X) is the latest in a long line of smartphones to see its lock screen bypassed, posing a big security risk if your phone falls into the wrong hands. The bypass is easy to do and involves hitting the ‘Emergency call’ button when the lock screen appears. You then need to enter the appropriate codes (*#*#7378423#*#*) to enter the service menu, the same on all Xperia phones.

Once inside, click on Service tests > NFC > NFC Diag Test and then hit the home button. You can now browse the phone as normal. We have just tested this on our resident Xperia Z and can confirm the above works without any problems. The lock screen can’t be changed without knowing the passcode or pattern, but you can access all areas of the phone. Let’s hope Sony fixes this exploit as soon as possible.

Via GSM Arena.

  • Xperia S Android 4.1.2 Jelly B

    Xperia S Android 4.1.2 Jelly where?????????????????

  • http://www.facebook.com/BenedictChongBH Benedict Chong

    Tested on my Singapore set with firmware .434 and it has this security flaw, at least it requires more steps than Samsung Security Flaws so hope Sony will fix this soon.

  • lovebmw

    how was that discovered?

  • xperiax10.awesome

    Cm’on grow up !!!!
    I have seen you crying everywhere in XperiaBlog for Xperia S JB

  • http://www.facebook.com/people/Nguyen-Eazy/100000166243977 Nguyen Eazy

    I’m more worry about the guy who invented this *#*#7378423#*#* code

  • http://burbur.net/ Danny Hage

    Scott Reed (The person who made the video) answered that question on GSM Arena:

    I believe people want the software to actually be secure. I found this
    randomly out of curiosity from investigating rooting on this phone but
    the reason it’s publicised is the same reason you publicise scams, so
    people know to be wary and so the manufacturers fix it. I for one don’t
    want people accessing my phone and charging hundreds of pounds on my
    play account….that is why we have security screens

  • Venator

    Why? It’s made for easy access to places where you can repair your device, while at th same moment it’s hidden for the consumer

  • simon re

    *#*#7378423#*#* is just a numeric shortcut for *#*#service#*#*

  • http://www.facebook.com/samiyudeen Samiyu Deen

    *#*#service#*#*

  • http://www.facebook.com/rudefromdahood Nidhal Akatheking

    i just tried it now in my Xperia S and thanks god didn’t work, it returns u back to the lock screen :P

  • ShinOrochiX

    Live with Walkman Jelly Bean? When?

  • http://www.facebook.com/JesusLopezSotelo Jesús López Sotelo

    I’m an idiot for trying to learn the numbers instead of looking at the letters. Thanks bro.

  • James

    It affects the Sony Xperia T as well, I have just tried it. It is running Android 4.1.2

  • Richard

    Tried on Xperia V running 4.1.2 – it worked briefly (a couple of
    seconds) and then flicked back to the lock screen. After that I had to
    use the unlock code to re-enter the service app

  • azmadu

    good thing I’ve not yet got my purple one. Maybe it’ll be fixed by the time mine is ready to ship from my pre-order. Should I consider cancelling my order I wonder?? Well I’ve not lost a phone in the past 13 years so, no I won’t. :-)

  • make.believe

    It works on my Sony Xperia V!

  • http://twitter.com/black_dragon88m the_black_dragon

    If you have root just disable ServiceMenu with Titanium and the Problem is solved at the Moment… but hope they’ll fix it soon

  • http://www.facebook.com/9Steve Stefano Fiore

    more steps but is moooore easy

  • http://www.facebook.com/9Steve Stefano Fiore

    I remember sony fan laughing to Samsung for same problem wiht S3/Note2

  • Bayhas Kana

    LT28i Ion is not affected.

  • James King

    Tried this on all my devices. Xperia Z, TL, and P have the security issue. Xperia S and ion did not.

  • http://www.facebook.com/people/Vladimir-Marcoci/100001406868085 Vladimir Marcoci

    lol it did on my Xperia s!!!

  • semo

    very soon according to the December 2012 schedule, must be in somewhere in April

  • http://twitter.com/arrowthefirst Filipp

    Isn’t it stupid/paranoid to use all these locks?

  • juanfran

    no, the problem is only for the Xperia Z

  • Pingback: Une faille dans le Sony Xperia Z permet de déverrouiller le téléphone sans rentrer la sécurité | Les Solutions Open Source Business

  • http://twitter.com/techgospel Tech Gospel

    Doesn’t seem to work on my Xperia P. I’m using the Pattern Unlock though.

  • James King

    So was I. I am using firmware 6.1.1.B.1.54

  • James King

    Actually it affects more than just the Z but it looks like the S doesn’t have this issue.

  • James King

    Make up your own mind when you phone is stolen and the info you have on there is used against you. Lock screens and remote wipe capabilities are there for your protection. You don’t have to use them if you don’t want.

  • Amimanot

    It seems that any phone with jelly bean has this flaw, maybe this bug existed within jelly bean itself

  • Pingback: Xperia Zでもパスワード入力回避のバグが発見される | Gadget Way

  • alx

    if they fix this we’ll need a new method to root the device. The current exploit uses the NFC

    vulnerability too.

  • gavin1995

    Just tried it, it does work…oh well…I got another program for app lock…

  • afzal

    The code num for service test purpose.. Funny how easy it can be menuplate

  • Kalyan

    Even I did it & got d same result…. :)

  • http://www.facebook.com/profile.php?id=515766799 Faheem Mohammed

    Yip, my Xperia T also! (4.1.2)

  • Pingback: Sony Xperia Z 的漏洞让我们可跳过锁定屏幕,幸好还有应对方案 – AYOU资讯

  • Pingback: Sony Xperia Z 的漏洞让我们可跳过锁定屏幕,幸好还有应对方案

  • Pingback: Sony Xperia Z 的漏洞让我们可跳过锁定屏幕,幸好还有应对方案 | 云动态

  • Pingback: Lock Screen Bypass pada Xperia Z - CISO Magazine | CISO Magazine

  • Mithfalath

    Im quite surprised it isn’t working on Tx so I’m quite relieved.

  • http://www.facebook.com/SisangAning8 Jean Natividad

    NICE! I LOVE YOU!

  • Pingback: Official Xperia Z Thread - Page 252 - www.hardwarezone.com.sg

  • http://www.facebook.com/BenedictChongBH Benedict Chong

    Yes, it is Anroid flaw and that shows how good is the coding for Sony compared to Sam Sung.

  • blu

    Hi, just want to share. I have totally removed the emergency lock in my experib z just type code 123456 and press okay then go to security to remove the security setup. Hope this helps. Thanks

  • Lakshan Bandarathilake

    Type this code (*#*#7378423#*#*) >>> Go to service test >>>>> and connect to WLAN through a wifi hotspot( its gets searched automatically) >>>>>and once connected to wifi you can enter the gmail info and get through the pattern easily>>>>>>Simple as that!!!

  • JIBIN

    how 2 remove pin password from sony xperia E….. bro plzz help me…………………

  • Tim

    does this work on the 4.0.4 firmware version somehow? i really need help. thanks.

  • Dhaval

    I tried by typing this code.. .. And i also tried by pressing volume dowm + power key…Nothing happens.. Plzz help me.. I want to unlock my xperia tipo.. I forget pin no

  • iqbal

    how to rimov patan paswerd

    xperia z

  • thomas

    Don’t work on my sony xperia z1

  • findwl

    Not working on my Xperia Z……

Previous post:

Next post:

Sitemap