The application installed on Xiaomi smartphones by default has a dangerous vulnerability. Because of this, attackers can install malicious code on the gadget.
According to some information, the "hole" in the application was discovered by the company Check Point. About this writes "Kommersant".
Dangerous for the users of Xiaomi devices software called Guard Provider. It is designed to protect users from malicious programs. It is impossible to uninstall a pre-installed application.
The company clarified that Guard Provider uses an unsecured connection to the network. That gives an attacker the opportunity to connect to the same Wi-Fi network and gain full access to user data transmitted via the application.
In addition, the cybercriminal can install any malicious software on the victim's gadget. Such applications include surveillance, data theft or extortion.
Head of ESET Russia Products and Services Department Sergey Kuznetsov noted that in fact the danger of identity theft threatens everyone who uses public Wi-Fi networks.
Check Point specialists noted that Xiaomi has already released a patch that will fix this nuance in the application. However, some believe that the vulnerability arose when the program appeared, but it was discovered not so long ago.