Users of Xiaomi phones were recently exposed to hacker attacks. This situation was caused by the preinstalled application called Xiaomi Guard Provider, which was suppose to ensure the security of the device.

However, the application did not protect the outgoing and incoming http protocol traffic from the application. According to Check Point, the attack could be initiated when the hacker connected to the same Wi-Fi network as the potential victim, so he could carry our what is called a man-in-the-middle type of attack. In addition, due to the vulnerabilities in communication between multiple SDKs hacker could enter any code, which enabled theft of password, or the installation of malicious software.

Check Point has informed Xiaomi about the detected vulnerability, which has already issued an security update to the application.