CyanogenMod allegedly susceptible to Man-in-the-Middle attacks due to negligence

Being the most popular 3rd-party ROM for Android, CyanogenMod surely basks in a lot of popularity from those Android users who are into custom firmwares. Unfortunately though, it appears that the ROM might pose a lot of security threats to its users, as it is allegedly susceptible to MitM (Man in the Middle) attacks. Discovered by an anonymous security researcher, the breach has the potential to bring some trouble in paradise for those who make use of CyanogenMod and the numerous other ROMs that derive from it.

The reason for this extremely serious breach is pure negligence. See, the researcher claims the team behind CyanogenMod has just “copy-pasted” an outdated code sample of Oracle's Java 1.5. The code is used so as to parse certificates and take cold of hostnames, but suffers from an old bug and is by no means resistant to MitM attacks.


The anonymous researcher has subsequently tried to reach up to Cyanogen and inform them about the gaping hole in CyanogenMod's security. Hopefully, the team behind the popular ROM has undertaken the necessary actions and will fix the flaw.

Holiday special: Iconic Phones is now 10% off!

Our new coffee table book, Iconic Phones, is a stunning visual tribute to the legends in the world of phones, featuring exclusive high-resolution photography, stories, quotes and fun trivia. Save 10% by using this code at checkout: XMAS10. Offer lasts until 1 January 2026.

Shop Now