Xiaomi phones with pre-installed Security app were found to be vulnerable to cyber attacks. The company is one of the largest mobile phones manufacturers in the world and the security flaw could have enabled attackers to access the incoming traffic via Guard Provider app. This flaw was discovered by Israeli cyber-security company, Check Point followed by which Xiaomi has issued a patch.
If this flaw would have been left unattended, it would have provided access to cyber-criminals to abuse this vulnerability and remotely control the phone or even steal user's data. In the report by Check Point, it was discovered that the default antivirus app Guard Provider uses three different services- Avast, AVL and Tencent. The codes for these services use unique Software Development Kits (SDKs) which has been found to be the root cause of the problem.
