Nonetheless, it’s a security vulnerability that we’re talking about over here. Actually, it was first discovered by Dmitri Alperovitch of CrowdStrike, who is a co-founder of the cybersecurity firm, and from the way he sees it, it could’ve been due to poor development. Well, it’s either that or someone (or something), could’ve made it for other malicious purposes.
Essentially, the backdoor security hole allows someone to gain root access to the handset, and from there, they can do just about whatever they want – including removing or stealing data from the handset. Interestingly enough, some point the finger directly at the manufacturer, and in this case, it’s ZTE. In fact, along with another Chinese based manufacturer, Huawei, they’ve been alleged in the past to have ties closely with the government, which doesn’t particularly help their public image when something like this breaks out. Still, the two companies have denied such allegations.
As it stands, ZTE is hard at work producing a fix for this security hole on the ZTE Score M. ZTE said in an email:
"ZTE is actively working on a security patch and expects to send the update over-the-air to affected users in the very near future. We strongly urge affected users to download and install the patch as soon as it is rolled out to their devices."
source: Yahoo via AndroidGuys