Check Point security researchers have discovered a vulnerability in security software that comes pre-installed in Xiaomi smartphones.
Xiaomi is the world’s third largest mobile phone maker in terms of market share, which was 8% in 2018.
The finding was ironic given the mobile app, “Guard Provider“, is used protect the mobile phone from malware and prevent exposure to future attacks.
Check Point Research team described the Xiaomi vulnerability issue in a recent blog post:
“Due to the unsecured nature of the network traffic to and from Guard Provider and the use of multiple SDKs within the same app, a threat actor could connect to the same Wi-Fi network as the victim and carry out a Man-in-the-Middle (MiTM) attack. Due to gaps in communication between the multiple SDKs, the attacker could then inject any rogue code he chooses such as password stealing, ransomware, tracking or any other kind of malware.”
Guard Provider is similar to other types of pre-installed apps that come out-of-the-box and can’t be deleted.
Check Point said they responsibly disclosed the vulnerability to Xiaomi, who issued a patch shortly afterwards.