Xiaomi Guard Provider likely to have security vulnerabilities

Xiaomi Guard Provider has received a patch to fix security vulnerabilities.

|

Xiaomi smartphones might have some security vulnerabilities, claims a recent report. Recently, there were claims about URL spoofing in preloaded browsers on Xiaomi smartphones. Now, fresh information is that the Xiaomi Guard Provider, a security app that is preloaded on the company's smartphones is said to have a grave vulnerability.

Xiaomi Guard Provider likely to have security vulnerabilities

 

A recent report by Check Point Research has discovered the vulnerability that would have allowed malicious sources to create havoc by intercepting the traffic that is linked to the app. Going by the findings of the cybersecurity firm, the unencrypted traffic allows adding a malicious code that can be executed resulting in malware installation or data theft.

However, Xiaomi has patched this security vulnerability as soon as it was discovered. And, there are no reports regarding any flaw.

Xiaomi Guard Provider vulnerability

As per the cybersecurity firm, the Xiaomi Guard Provider app, which is preloaded in the company's smartphones was caused due to the use of multiple SDKs for third different anti-virus services - Avast, Tencent and AVL. The app used these to scan the devices for virus and all three use different SDKs. But the issue with the use of multiple SDKs is that a threat to one can compromise the rest as well. And, the private data one on SDK is accessible by the others.

When it comes to the Guard Provider app, a malicious party could carry on an attack by connecting to the same Wi-Fi network and entering into the unsecured traffic routed via the security app. It can also change the server configuration of the SDK. When this happens, the attacker can allow malicious APK to be executed by interrupting the security check process.

As of now, there is no clarity if the patch that Xiaomi has released will address the unsecured traffic routing flaw or if it has fixed the inherent issue associated with SDKs.

Most Read Articles
Best Mobiles in India

Read More About: xiaomi news apps

Best Phones

Get Instant News Updates
Enable
x
Notification Settings X
Time Settings
Done
Clear Notification X
Do you want to clear all the notifications from your inbox?
Yes No
Settings X
We use cookies to ensure that we give you the best experience on our website. This includes cookies from third party social media websites and ad networks. Such third party cookies may track your use on Gizbot sites for better rendering. Our partners use cookies to ensure we show you advertising that is relevant to you. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on Gizbot website. However, you can change your cookie settings at any time. Learn more