Cell Phone Hospital
Call us today 918-949-4400
  • Repair
    • Micro Solder Catalog
    • Laptop Screen Repair
  • Our Team
  • Our Locations
    • Tulsa
    • East Tulsa
    • South Tulsa
    • Owasso
    • Broken Arrow
  • Blog
  • Contact Us
Nearly 150 vulnerabilities come on many Android devices out of the box
15 Nov

Nearly 150 vulnerabilities come on many Android devices out of the box

by hassan / 0 Comment

In a new detailed report, security firm Kryptowire revealed 146 different Android vulnerabilities across 29 various OEMs, including Samsung, Asus, Xiaomi, and Sony. Kryptowire discovered these with its in-house automated firmware scanning tools, and most of the affected manufacturers hail from Asia.

The worst part about these vulnerabilities is that every one of them comes on affected devices out of the box. This means users can do nothing in the way of mitigating these issues when they purchase one of these handsets. 

What are these Android vulnerabilities?

Kryptowire Android Vulnerability TypesKryptowire

These Android vulnerabilities cover a wide variety of possible exploits. Some of these include unauthorized audio recording and the ability to modify certain system settings. Some of them exist because of apps preinstalled on the system, while others originate deep within the device’s firmware.

According to Wired, Kryptowire began notifying Google and affected manufacturers this summer. But, not all OEMs agree the findings are that big of a deal. After Kryptowire informed Samsung, it began investigating the issue and believes the appropriate protections are already in place. Kryptowire disagrees with Samsung’s claims and says third-party actors can still gain access to private information on the device without user authorization.

Related: These Samsung Galaxy phones will get 4 years of guaranteed Android security updates

Google has already taken steps toward removing many of the bugs that come preinstalled on Android devices. But no matter how hard Google works to remove vulnerabilities like this in Android, they will never go away unless OEMs work harder to prevent them as well.

Which devices are affected?

Kryptowire Android Vulnerabiltiy OEMsKryptowire

Though most affected vendors operate out of Asia, many of these companies ship phones worldwide. Most handsets on the list are mid-range devices, including the Xiaomi Redmi Note 6 Pro, the Sony Xperia XZs, and the Samsung Galaxy A8 Plus. Kryptowire CEO Angelos Stavrou believes these vulnerabilities land on devices when OEMs seek profit over security.

“In the race to create cheap devices, I believe that the quality of software is being eroded in a way that exposes the end user,” Stavrou told Wired.

You can read Kryptowire’s report for yourself at the link below. Even though there is no immediate fix for these vulnerabilities, you should still check if any of them affect your Android device or not.

Read next: New Android security features include incognito mode in Maps, more

Categories: Blog
Share on facebook Share on twitter Share on pinterest

From the blog

26Jan

Samsung S21 Review
Samsung S21 Reviewby hassan

29Dec

Apple iPhone 12 Vs. Samsung Galaxy S20
Apple iPhone 12 Vs. Samsung Galaxy S20by hassan

28Nov

Samsung Galaxy S21 release date, price, news, rumors and leaks
Samsung Galaxy S21 release date, price, news, rumors and leaksby hassan

East Tulsa
3119 S. Garnett Rd.
Tulsa, OK 74146

(918) 949-4400 ext #1

Broken Arrow
1344-A E Hillside Dr
Broken Arrow, OK 74012

(918) 949-4400 ext #2

Owasso Market
12305 E. 96th St N.
Owasso, OK 74055

(918) 376-4686 ext #1

61st & Memorial
6030 S. Memorial Dr.
Tulsa, OK 74145

(918) 949-4400 ext #3

Tulsa Hills
7462 S Olympia Ave.
Tulsa, OK 74132

(918) 986-8222

Cell Phone Hospital™ 2021 Copyright. All Rights Reserved.

Sitemap

  • Warranty
  • Privacy Policy
  • Terms and Conditions
  • Careers
  • Contact Us