Privacy News A local Root exploit has been discovered on Lenovo Smartphones Systems

[SumG]

Security flaws have been discovered on Lenovo VIBE Mobile Phones that enable the hacker or the attacker with physical possession of a device that is not protected with a secure lock screen, such as PIN or Password, to elevate privileges to the root user (commonly known as “rooting” or “jailbreaking” a device) with the capability to change the device’s operation and functionality in myriad ways.

The flaws have been discovered by Mandiant’s Red Team in May 2016 and were reported the same month. In charge of Lenovo’s mobile phone portfolio, Motorola has since corrected the vulnerabilities by redesigning “the affected mechanism to use a more secure process,”​

 

[WolfensteinXeen]

Thanks for the info. That's why i always set a lock screen password and encrypt my phone, in addition to never "root" Android, only use apps from the Play store, update both Android and the apps to the latest version and use an antivirus.

 

[tryfon]

Wouldn't be surprised to see a large piece of malware using this on Lenovo smartphones