With the Mate 9 Pro, the security experts found multiple vulnerabilities within Huawei’s AppGallery that an attacker could exploit to launch attacks.
While with the Mi 9, F-Secure found if a user ending up visiting a nefarious website it could compromise the device’s default configuration.
Vulnerabilities in Xiaomi’s GetApps store can also enable attackers to take full control of the device.
F-Secure also claimed the Galaxy S9 could be compromised when the device connects to a free Wi-Fi network, depending on the SIM card used on the handset.
Advising users on how to stay safe, F-Secure said: “F-Secure has received no reports or evidence of these attacks occurring outside of their own research.
“Vendors of affected products entered into Pwn2Own competitions are invited to attend the event by the organiser, ZDI, to receive details of the vulnerabilities used by participants.
“Thanks to this controlled disclosure process, Huawei, Xiaomi, and Samsung have patched the vulnerabilities F-Secure discovered during their research.
“As long as users update their phones, they should be safe from these particular attacks.”
Published at Wed, 27 May 2020 03:01:00 +0000