ZTE has confirmed that one of its mobile phones that is currently being sold in the US contains a security threat that could result in another person controlling the phone remotely.
The ‘backdoor’ vulnerability is present on the Chinese company’s Score device, which runs on the Android OS.
ZTE, and fellow Chinese manufacturer Huawei Technologies, is currently being surveyed by US security due to concerns that the mobile manufacturers have links to the Chinese government.
These concerns have been mostly based on the fear that similar security threats may be present in telecommunications infrastructure made by the vendors.
ZTE has confirmed that the vulnerability is present on the Score handset, but denies that other mobiles, such as the Skate, are affected.
“ZTE is actively working on a security patch and expects to send the update over-the-air to affected users in the very near future,” ZTE said.
“We strongly urge affected users to download and install the patch as soon as it is rolled out to their devices.”
Whilst security threats have been highlighted on the Android platform before, it is rare to find the vulnerability apparently inserted by the hardware vendor.
“I have never seen this before. There are rumors about backdoors in Chinese equipment floating around,” Dmitri Alperovitch, co-founder of cyber security firm, CrowdStrike, said.
“That’s why it’s so shocking to see it blatantly on a device.”
Source: ReutersLeave a comment on this article