An urgent security warning has been issued for Android users, urging them not to overlook the potential threat. Researchers have uncovered a critical vulnerability that could enable cybercriminals to bypass a phone’s lock screen. The concerning aspect is the speed at which this exploit can be executed, with hackers capable of breaching security measures in less than a minute. The security flaw, identified by the Donjon security team, poses a risk of exposing personal data and granting unauthorized access to all information stored on affected devices.
Tests conducted by researchers demonstrated how the attack operates. By connecting a vulnerable phone to a laptop via USB, they could retrieve the device’s PIN, decrypt its storage, and access sensitive files, including data from software wallets, within a minute.
The vulnerability, known as CVE-2026-20435, impacts specific Android devices powered by MediaTek processors. These chips are prevalent, especially in budget-friendly smartphones, potentially putting a substantial number of devices in jeopardy.
Security experts have highlighted that the flaw enables attackers to extract encryption keys before the system fully boots, effectively circumventing protections such as full-disk encryption and lock screen security.
According to Malwarebytes, the vulnerability affects certain MediaTek System-on-a-Chip (SoC) devices utilizing Trustonic’s Trusted Execution Environment (TEE), which encompasses around one in four Android phones, predominantly lower-cost models. Researchers showcased the vulnerability by connecting a susceptible phone to a laptop via USB, illustrating how their exploit could retrieve the device’s PIN, decrypt storage, and extract seed phrases from various software wallets.
To mitigate the risk, users are advised to check the processor information on their phones by navigating to Settings > About Phone (or About Device). If the device operates on a MediaTek chip, it is crucial to promptly install any available security updates. While MediaTek has already released a fix, it must be disseminated by individual device manufacturers through software updates, emphasizing the importance of keeping devices up to date for optimal protection.
It is essential to recognize that this attack necessitates physical access to the device. By retaining possession of your phone and ensuring regular updates, the risk can be significantly reduced. However, older devices that no longer receive updates may remain vulnerable, prompting users with aging phones to exercise caution or contemplate upgrading for enhanced security.