Xiaomi phones with pre-installed Security app were found to be vulnerable to cyber attacks. The company is one of the largest mobile phones manufacturers in the world and the security flaw could have enabled attackers to access the incoming traffic via Guard Provider app. This flaw was discovered by Israeli cyber-security company, Check Point followed by which Xiaomi has issued a patch.
If this flaw would have been left unattended, it would have provided access to cyber-criminals to abuse this vulnerability and remotely control the phone or even steal user's data. In the report by Check Point, it was discovered that the default antivirus app Guard Provider uses three different services- Avast, AVL and Tencent. The codes for these services use unique Software Development Kits (SDKs) which has been found to be the root cause of the problem.
Interestingly, the coding libraries of Avast and AVL left open a way for anyone to run malicious code on Xiaomi smartphones, intercepting unencrypted traffic. This is known as the Man-in-the-Middle attack and often puts user data at risk.
The report also perfectly proves that the use of multiple SDKs on a single app can develop into security flaws that might put the user at even more risk. Moreover, these SDKs itself are full of bugs in the first place and can combine to mutate into a bigger vulnerability.
