Xiaomi Smartphones Runs The Most Insecure OS
20 Security Issues Found in Xiaomi Devices
 |
Mobile Security Firm Oversecured has found 20 security Vulnerability in Xiaomi smartphones include Redmi , POCO phones
- Gallery (com.miui.gallery)
- GetApps (com.xiaomi.mipicks)
- Mi Video (com.miui.videoplayer)
- MIUI Bluetooth (com.xiaomi.bluetooth)
- Phone Services (com.android.phone)
- Print Spooler (com.android.printspooler)
- Security (com.miui.securitycenter)
- Security Core Component (com.miui.securitycore)
- Settings (com.android.settings)
- ShareMe (com.xiaomi.midrop)
- System Tracing (com.android.traceur), and
- Xiaomi Cloud (com.miui.cloudservice)
Notable Flaws: • Shell command injection bug impacting the System Tracing app • Phone Settings app could enable the theft of arbitrary files • Mi Video apps leak Xiaomi user account's username & email via broadcasts to 3rd-party apps • Information leak about Bluetooth devices, connected Wi-Fi networks & emergency contacts
There's also a memory corruption flaw impacting the GetApps app that was reported to Xiaomi a year ago & still remains unpatched
While Phone Services, Print Spooler, Settings, and System Tracing are AOSP components but they have been modified by Xiaomi to incorporate additional functionality, leading to these flaws