Xiaomi is currently the third-largest smartphone manufacturer worldwide. The IBM X-Force Application Security Research team has discovered a remote code execution (RCE) vulnerability in MIUI.

Millions of Xiaomi Smartphones are at Risk

Xiaomi is currently the third-largest smartphone manufacturer worldwide, and more than 70 million Xiaomi devices were delivered in 2015. According to the IBM X-Force Application Security Research team, a few million of those 70 million devices might be impacted by the remote code execution vulnerability.

The IBM X-Force Application Security Research team discovered the remote code execution (RCE) vulnerability in MIUI and disclosed it directly to Xiaomi in January 2016.

According to the sources, this MIUI vulnerability allows a man-in-the-middle (MitM) attacker to execute arbitrary code as the highly privileged Android system user. All applications that include the analytics package are vulnerable to remote code execution via a man-in-the-middle attack. The analytics package is present in various applications that ship with MIUI.

“We identified at least four vulnerable applications in the MIUI developer ROM version 6.1.8, including the built-in browser app. These had differing sets of privileges and capabilities,” said the X-Force Application Security Research team.

The analytics package uses HTTP to ask the server for updates and then downloads the update package. An attacker can watch for update requests and, using spoofing techniques, deliver a fake response in the name of the server. Usually, these fake responses contain links to the APK files that the analytics package is to download and execute.

However, the analytics component does not perform any cryptographic authentication of the downloaded package. Therefore, the analytics package replaces itself with the attacker-supplied version via Android’s DexClassLoader mechanism.
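The missing step described above is authenticating the downloaded package before it is loaded. The following is an added example, not Xiaomi's or IBM's code: a signature check against a publisher key pinned in the app, where the class name, the `isAuthentic` helper, the RSA key pair and the package bytes are all constructed assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;

public class UpdateVerifier {
    // Hypothetical helper: true only if `sig` is a valid signature over `pkg`
    // under the publisher public key that ships inside the app.
    static boolean isAuthentic(byte[] pkg, byte[] sig, PublicKey pinned) {
        try {
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(pinned);
            v.update(pkg);
            return v.verify(sig);
        } catch (GeneralSecurityException e) {
            return false; // fail closed on a malformed signature or key
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed stand-in for the publisher's key pair. On a device only
        // the public half would be embedded; the private half stays offline.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair publisher = gen.generateKeyPair();

        // Constructed package bytes, signed at build time by the publisher.
        byte[] genuine = "constructed update package".getBytes(StandardCharsets.UTF_8);
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(publisher.getPrivate());
        s.update(genuine);
        byte[] sig = s.sign();

        // Constructed bytes standing in for a package swapped in transit.
        byte[] swapped = "constructed replaced package".getBytes(StandardCharsets.UTF_8);

        PublicKey pinned = publisher.getPublic();
        System.out.println("genuine accepted: " + isAuthentic(genuine, sig, pinned));
        System.out.println("swapped accepted: " + isAuthentic(swapped, sig, pinned));
        // Only a package for which isAuthentic() is true may be written to
        // app-private storage and handed to a class loader.
    }
}
```

Fetching the update over HTTPS addresses the spoofed response itself, while the signature check keeps a swapped package from being loaded even if the transport is compromised.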

Xiaomi has remediated the vulnerability from MIUI Global Stable version 7.2, and IBM advised users to update their firmware as soon as possible to make sure they are not exposed.