Attention: vulnerabilities in Xiaomi phones

The Chinese company Xiaomi releases smartphones with , with a themes app that tries to bypass Google's built-in Android security protection.

In addition, security researchers discovered a στα chip MediaTek που καθιστούν ευάλωτο το σύστημα πληρωμών που είναι ενσωματωμένο στα smartphone της Xiaomi.

Xiaomi

Google's PlayProtect is known to scan apps installed on the device for malware, viruses, trojans, etc. So today there were reports from Google's security app that Xiaomi's themes app is malicious. A false alarm, a small mistake on the part of Xiaomi or Google, a political decision?

On reddit.com, however, there are many posts from users who discuss the matter. The image below is actually from this reddit.com post and shows one by Google Play Protect.

xiao

Other posts on reddit.com can be found here and here. On August 13, 2022 with an update on August 14, 2022, Xiaomi published this message on her forum:

The Themes app has been blocked by Google Play Protect. We are working with Google to identify the cause of the problem.

If you're still seeing the notification but haven't yet disabled the Themes app, here's what you can do

Actually Google Play Protect blocked the Themes app and the warning should no longer appear as the manufacturer is working with Google to resolve the issue. It might have been a false alarm from Google Play Protect.

Security gaps in Xiaomi's payment mechanism

Security researchers from Check Point Research (CPR) have identified security vulnerabilities in Xiami smartphones with MediaTek chips that allow payment forgery and disabling of the payment system by an unprivileged Android app.

Xiaomi can embed and sign its own trusted apps on the devices. But CPR said attackers can transfer an old version of a trusted app to the device, overwriting the new app file. This allows an attacker to bypass security fixes and mechanisms made by Xiaomi or the MediaTek chip.

Check Point security researchers discovered several security holes in the trusted “thhadmin” application, which is responsible for managing security. These security holes could be used to spy on stored keys or execute malicious code.

Xiaomi devices have a built-in mobile payment framework called “Tencent Soter”. The framework provides an API to third-party Android apps to integrate payment functions. Its main function is to enable verification of payment packets transferred between a mobile application and a remote backend server. This is essentially the security that users rely on when making mobile payments.

Hundreds of millions of Android devices support Tencent Soter. The Pay and Alipay are the two biggest players in the Chinese digital payment industry. Together, they account for about 95 percent of China's mobile payments.

Each of these has over a billion users. WeChat Pay is based on Tencent's Soter.

The vulnerability discovered by CPR, which Xiaomi lists as CVE-2020-14125, attacks the Tencent Soter platform and allows an unauthorized user to sign fake payment packages.

During the investigation, CPR found a way to attack the platform built into Xiaomi smartphones, which is used by millions of users in China for mobile payments. An unprivileged Android app could exploit the CVE-2020-14125 vulnerability to run malicious code on the trusted Wechat app and create payment packets.

Read above

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.
Xiaomi, security gaps, iguru

Written by giorgos

George still wonders what he's doing here ...

One Comment

Leave a Reply

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).