Office

Xiaomi's security app had a vulnerability

Table of contents:

Anonim

Xiaomi uses the Guard Provider app as a security app on their phones. It seeks to protect users with a brand smartphone from possible attacks. Although in this case, it was precisely the security app that had a major flaw in this regard. Due to this error, security attacks were allowed on the phones.

Xiaomi's security app had a vulnerability that allowed attacks

Apparently, this app uses several SDKs within the same code, which makes the transfer of data between them slow. What has allowed the attacker to inject a code into the app.

Xiaomi security flaw

This way, if the attacker is on the same WiFi network as the user, they could carry out a Man in the Middle attack. Which would give you the ability to access data such as user passwords. It could also track user information in this regard. Furthermore, it seems that this Xiaomi security app is not the only one to use these integrated SDKs.

There are more apps that work this way, leading to operational problems. Therefore, this situation could be repeated in more cases, as some security researchers have commented. In the case of the Chinese brand it has already been resolved.

Xiaomi has confirmed that they have already solved this security problem in the app. So users are no longer vulnerable. The app has already been updated, so that it works correctly. It appears that no one has been affected by the ruling.

ZDNet Source

Office

Editor's choice

Back to top button