An urgent Android security alert has been issued, warning users with specific phones to take immediate action. Researchers have uncovered a critical vulnerability that could enable cybercriminals to bypass a phone’s lock screen within a minute. This flaw, identified by the Donjon security team, poses a significant risk of exposing personal data and granting unauthorized access to all stored information on the affected devices.
In demonstrations, researchers illustrated the exploit method. By connecting a vulnerable phone to a laptop via USB, they successfully obtained the device’s PIN, decrypted its storage, and accessed sensitive files, including data from software wallets, all under 60 seconds.
The security loophole, known as CVE-2026-20435, impacts certain Android devices powered by MediaTek processors. Since these processors are prevalent, especially in budget-friendly smartphones, a considerable number of devices are potentially at risk.
Security experts emphasize that this vulnerability allows threat actors to extract encryption keys before the system fully boots up, effectively circumventing security measures like full-disk encryption and lock screen protection.
According to Malwarebytes, the security experts highlighted that this vulnerability affects MediaTek SoCs utilizing Trustonic’s TEE and is found in approximately one in four Android phones, primarily lower-cost models. Researchers showcased the flaw by connecting a vulnerable phone to a laptop via USB, demonstrating how they could retrieve the device’s PIN, decrypt storage, and extract seed phrases from various software wallets.
To mitigate the risk, users are advised to check their phone’s processor information in the Settings menu and promptly install any available security updates if their device operates on a MediaTek chip. While MediaTek has released a fix, individual device manufacturers must distribute it through software updates, underscoring the importance of keeping phones up to date for optimal protection.
It is crucial to note that this attack necessitates physical access to the device. By maintaining possession of your phone and ensuring regular updates, the risk can be significantly reduced. However, users with older devices that no longer receive updates should exercise caution or contemplate upgrading to mitigate potential vulnerabilities.
