Researchers uncover 20 vulnerabilities affecting a range of Xiaomi apps that ship on the Chinese giant’s smartphones. Users have been encouraged to update their phones.Xiaomi users urged to update devices after researchers find a string of vulnerabilities. iaomi smartphones have a host of security flaws that could allow hackers to steal passwords and compromise social media accounts, according to cybersecurity researchers.
The flaws affected a wide range of software running on Xiaomi devices, from the settings app through to its bluetooth software, said Sergey Toshin, founder of Oversecured, the, allowing theft of user passwords and access to private user files. However, Toshin does not believe the weaknesses were exploited by malicious hackers.
Oversecured disclosed the flaws to Xiaomi last week after testing them on a Xiaomi 13 Ultra. “We believe every device was vulnerable since are part of the firmware,” Toshin said. He said the Chinese company patched the vulnerabilities within a week. Xiaomi confirmed it had remediated all the vulnerabilities.
He said Xiaomi might be able to avoid significant issues if it gave out larger rewards to hackers as part of its bug bounty program, which it runs over the HackerOne platform. According to HackerOne data, its average payout is between $80 and $100, and it’s rewarded hackers with $2,600 in the last 90 days. Comparatively, GoogleA Xiaomi spokesperson said the company had “an industry-leading security team” and was working with Google and Hackerone “to build secure Android systems.
Technology Technology Latest News, Technology Technology Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Source: CNBC - 🏆 12. / 72 Read more »