A vulnerability allows remote code execution (remote code execution or RCE) in Xiaomi's MIUI app for Android OS, in all versions of the app before MIUI Global Stable 7.2.
The vulnerability exists in the MIUI Analytics component, which is used by various Android applications to data collection of how their application is used on the user's device.
According to her Security Intelligence Group IBM, this feature has an auto-update mechanism that allows MITM attacks (Man-in-the-middle) and can be used to distribute malware.
Because MIUI analytics does not verify the receipt of a packet, an attacker has the ability to execute its code with the privileged user privileges on the Android system.
The problem έγκειται στο γεγονός ότι το MIUI analytics χρησιμοποιεί HTTP για την αναζήτηση κάποιου διακομιστή ενημερώσεων αλλά και για τη λήψη πακέτων. Ένας εισβολέας που παρακολουθεί τα αιτήματα ενημέρωσης, μπορεί να χρησιμοποιήσει βασικές τεχνικές πλαστογράφησης, και να απαντήσει στο όνομα του server.
This answer naturally contains links to a malicious APK.
The case of Xiaomi's software vulnerability is very dangerous because the company is the third largest smartphone manufacturer in the world, after Samsung and Apple.
The company has over 70 more than a million 2015 devices, so you understand that too many are at risk, especially those who do not have the latest version of the operating system.
Researchers have informed Xiaomi about the issue since last January, and the company quickly released a new MIUI update that fixes vulnerability.
