An urgent security advisory has been issued for Android users regarding a critical vulnerability that could potentially compromise phone security. The flaw, identified by the Donjon security team, allows cybercriminals to bypass lock screens on certain Android devices quickly. This exploit can grant unauthorized access to personal data and all stored information within the device.
Researchers demonstrated the attack process by connecting a vulnerable phone to a laptop via USB, showcasing how they could retrieve the device’s PIN, decrypt its storage, and access sensitive files within a minute.
The vulnerability, known as CVE-2026-20435, impacts specific Android devices powered by MediaTek processors, commonly found in budget-friendly smartphones. Security experts warn that attackers can extract encryption keys before the system fully boots, circumventing security measures like full-disk encryption and lock screen protection.
Malwarebytes explained that the vulnerability affects MediaTek System-on-a-Chip (SoC) devices using Trustonic’s Trusted Execution Environment, which reportedly includes approximately one in every four Android phones, particularly lower-priced models. The exploit showcased how attackers could recover PINs, decrypt storage, and extract seed phrases from software wallets when a vulnerable phone is connected to a laptop.
To mitigate the risk, users should verify their phone’s processor information in the Settings menu and promptly install any available security updates if their device runs on a MediaTek chip. MediaTek has already released a patch for the vulnerability, but individual device manufacturers must distribute it through software updates. Keeping devices updated is crucial for enhanced protection.
It’s essential to highlight that the attack requires physical access to the device. By maintaining possession of the phone and ensuring regular updates, users can minimize the risk of exploitation. However, users with older devices that no longer receive updates are advised to exercise caution or consider upgrading to reduce vulnerability.
Consider designating Daily Mirror as a preferred news source on Google News for convenient access to valuable information.