Some recently discovered vulnerabilities in Xiaomi devices could put your personal information at risk. These are not "generic" problems related to the operating system, but rather to specific applications HyperOSEx MIUI. Among other things, these problems affect both the old system and the new one. Here's what you need to know to protect yourself.
UPDATE AT THE END OF THE ARTICLE
Vulnerabilities in Xiaomi devices: 20 flaws discovered
The 20 identified Xiaomi vulnerabilities were discovered in 12 different applications integrated into Xiaomi devices. These problems can allow attackers to take over remote control of devices, access sensitive data of users, passwords and other confidential information. Among the compromised applications we find:
- Gallery (com.miui.gallery): This app can access all your photos and videos;
- GetApps (com.xiaomi.mipicks) e Mi Video (com.miui.videoplayer): applications that manage downloads and playback of multimedia content;
- MIUI Bluetooth (com.xiaomi.bluetooth): manages Bluetooth connections;
- Phone Services (com.android.phone) e Settings (com.android.settings): fundamental for device settings;
- Print Spooler (com.android.printspooler): manages the print queue;
- Security (com.miui.securitycenter) e Security Core Component (com.miui.securitycore): important for the safety of the device;
- ShareMe (com.xiaomi.midrop): allows sharing files between devices;
- System Tracing (com.android.traceur): used for system monitoring;
- Xiaomi Cloud (com.miui.cloudservice): For cloud data management.
Some of these apps derive from the AOSP (Android Open Source Project) project and the changes made by Xiaomi have introduced new vulnerabilities. The company's response has not yet arrived but the Oversecured reporting will definitely get your attention.
This episode raises important questions about mobile device security and the importance of regular updates. Xiaomi, despite being one of the largest smartphone manufacturers in the world, faces criticism regarding the security of its software. Commitment to updating and patching these vulnerabilities will be crucial to maintaining user trust and ensure the security of their data, especially after the company saw a runaway due to rising prices.
SECURITY UPDATE TRAINING
Below is Xiaomi's latest reactive statement relating to the security flaws:
Protecting the data security and privacy of our users is our top priority.
Xiaomi has fixed all the vulnerabilities reported by the Oversecured team and has ensured that no user is exposed to risks arising from these vulnerabilities. Users are always advised to update their devices to the latest software version that offers security updates.
