Xiaomi Devices Found to Contain 20 Serious Vulnerabilities, Exposing User Data

Security experts have discovered 20 critical vulnerabilities in Xiaomi devices that could put user data at risk. The vulnerabilities, which affect both MIUI and HyperOS, could allow attackers to steal sensitive information and even take remote control of devices.

The security holes were discovered by researchers at Oversecured, who reported the findings to Xiaomi in April 2023. The vulnerabilities could be exploited to access arbitrary activities, receivers, and services with system privileges, steal arbitrary files with system privileges, disclose phone, settings, and Xiaomi account data, and more.

Some of the affected apps include Gallery, GetApps, Mi Video, MIUI Bluetooth, Phone, Spooler Print, Security, Security Center, Settings, ShareMe, System Trace, and Xiaomi Cloud.

Xiaomi has already shown a proactive approach by promptly issuing updates to fix notable vulnerabilities, including those highlighted by Microsoft concerning their file manager. However, experts urge Xiaomi to remain vigilant and consistently prioritize security in their software development procedures.

While no system is 100% secure, reputable companies like Xiaomi need to implement faster security updates, more transparent communication with users, and stricter security measures for their devices.