Dangerous vulnerabilities found in Xiaomi devices

Dangerous vulnerabilities found in Xiaomi devices

Xiaomi, one of the world’s leading smartphone manufacturers, has recently come under scrutiny for the discovery of 20 vulnerabilities in its devices. These vulnerabilities, if exploited, could lead to the leakage of sensitive user information and potentially allow remote control of affected devices. Xiaomi should immediately address these vulnerabilities to ensure the security of its users’ data.

The vulnerabilities affect both MIUI and HyperOS, and HyperOS is essentially a rebranded version of MIUI. Among the vulnerable apps are familiar ones such as Gallery, Mi Video, Settings, and others. Interestingly, some of the vulnerabilities are caused by Xiaomi patches of AOSP (Android Open Source Project) applications, which indicates the need for more thorough testing and security measures during the patching process. List of apps that cause security vulnerabilities:

  • Gallery (com.miui.gallery)
  • GetApps (com.xiaomi.mipicks)
  • Mi Video (com.miui.videoplayer)
  • MIUI Bluetooth (com.xiaomi.bluetooth)
  • Phone Services (com.android.phone)
  • Print Spooler (com.android.printspooler)
  • Security (com.miui.securitycenter)
  • Security Core Component (com.miui.securitycore)
  • Settings (com.android.settings)
  • ShareMe (com.xiaomi.midrop)
  • System Tracing (com.android.traceur)
  • Xiaomi Cloud (com.miui.cloudservice)

While no system can claim to be completely immune to vulnerabilities, Xiaomi’s response is crucial. The company has already demonstrated a proactive approach by quickly releasing updates to fix significant vulnerabilities, such as those reported by Microsoft regarding Xiaomi’s file manager. This responsiveness is commendable and gives us confidence that Xiaomi is committed to addressing security issues quickly.

However, it is important for Xiaomi to remain vigilant and continue to prioritize security in its software development processes. Regular security audits, timely patches, and transparent communication with users about security updates are important practices for any modern technology company, especially one like Xiaomi.

And now, Xiaomi’s press service informed HiTech Expert that the company has fixed all the mentioned vulnerabilities.


Please enter your comment!
Please enter your name here