Sat. Apr 27th, 2024

Cyber-security firm Check Point has discovered vulnerabilities in Xiaomi’s ‘Guard Provider’ app that make the app itself a security risk.

Check Point found that a security app called Guard Provider was being preinstalled on handsets from top phone maker Xiaomi. Instead of guarding the mobile phones, the app had a gaping security hole that opened users up to man-in-the-middle attacks. Worse, the app was baked into the phone maker’s forked version of the Android operating system and couldn’t be removed.

Guard Provider was found to harbor a grave vulnerability that would have allowed a malicious party to wreak havoc by intercepting the traffic linked to the app. As per the cyber-security firm’s findings, the unencrypted traffic could allow a bad actor to add malicious code that could then be executed to steal data or install malware. Thankfully, Xiaomi patched the vulnerability once the issue was discovered, and so far there are no reports of the flaw being exploited.

In the case of the Guard Provider app, a malicious party could carry out a Man-in-the-Middle (MiTM) attack by connecting to the same Wi-Fi network as the victim and tapping into the unsecured traffic routed through the security app.

“Briefly put, due to Guard Provider’s network traffic from any Xiaomi device being unsecured, this allows it to be intercepted via a Man-in-the-Middle (MiTM) attack and inject rogue code as part of a third-party SDK update,” according to the post.
