At least 11 popular Android phones in the US come with security vulnerabilities

At least 11 popular Android phones in the US come with security vulnerabilities
Last week we talked about Homeland Security warning people about smartphones with vulnerabilities. Now, Kryptowire, the company responsible for the report that the department ordered, has released information about specific handsets and what issues it found with them.

From all the devices the company examined, there were 25 in which security vulnerabilities were found and 11 of those are sold in the US. All problems were associated with apps that come preinstalled on the devices, and all of them were added either by the manufacturers or by mobile carriers. However, as we reported yesterday, Google itself isn’t always perfect when it comes to security either.

Here are some examples of the vulnerabilities the researchers from Kryptowire found:

The Essential Phone comes with a pre-installed app called “com.ts.android.hiddenmenu.” It could be accessed by any other app on the devices and be used to delete all information that’s on them, including photos, videos and other personal data.

Several ASUS phones: ZenFone 3 Max, ZenFone V, ZenFone 4 Max and ZenFone 4 Max Pro were allowing apps to install unwanted software that could potentially access text messages, Wi-Fi passwords and even make phone calls.

LG’s G6 smartphone had a vulnerability that would allow access to the kernel log. Although this one is less impactful, it can still be used to extract information about the device.

ZTE ZMAX Pro has a “feature” that could allow text messages to be tampered with and even sent without any knowledge of the user. Meanwhile, some apps that come with the ZMAX Champ could be used to force a boot-loop or a factory reset.

Kryptowire has informed all concerned manufacturers and mobile carriers about its findings. Some of the issues have already been fixed, while solutions for others are currently being prepared.

With thousands of different Android devices out on the market and hundreds of altered Android versions, the fight to fix security holes is a never-ending game of whack-a-mole.

via: Cnet

FEATURED VIDEO

4 Comments

1. AdeelSoomro

Posts: 61; Member since: Oct 26, 2017

Consumers have only 2 options, buy Samsung or an iPhone. That's it

2. Cyberchum

Posts: 1108; Member since: Oct 24, 2012

Those are your only options. Speak for yourself!

3. AfterShock

Posts: 4147; Member since: Nov 02, 2012

Most of these were updated already, research company just listed a bunch of phones without checking if they were patched or not since they first claimed this in spring. Facts, checked not so much.

4. NarutoKage14

Posts: 1347; Member since: Aug 31, 2016

Title correction: EVERY cellular device in the world has security vulnerabilities. Some just have more than others.

Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at https://www.parsintl.com/phonearena or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit https://www.parsintl.com/ for samples and additional information.