ZTE Score M Has A Secret Backdoor; Fix Promised
ZTE and Huawei have both been making efforts to step-up their brand recognition lately, working on going from manufacturers of Android hardware that carriers would label as their own, to companies with higher public profiles. Last fall, the US government started to grow a little concerned about the security issues that might exist as a result of widespread adoption of phones made by these two Chinese companies, and announced plans to investigate. That reaction seemed more than a bit paranoid, but could there have been something to it? The discovery of a secret root-level backdoor in ZTE’s Score M certainly gives us new reason to be concerned.
The backdoor is quite simple in its execution; passing a certain process the hard-coded password “ztex1609523” returns a root shell, with full access to the phone. The discovery was anonymously posted to Pastebin about a week ago. Since then, the find has started garnering attention, prompting ZTE to speak-up about up.
The manufacturer appears to be taking things quite seriously, promising a patch that will remove the backdoor. ZTE also maintains that this is a Score-only problem, and it’s not present on any of the company’s other Androids.
The big question is how that backdoor got there in the first place. For the kind of espionage-y specter the government’s been fearing, this backdoor sounds pretty low-tech; we’d expect something a little more obscured, with the chance for plausible deniability, if this was a serious hacking attempt. However it got there, this is just about the last thing ZTE could have hoped for considering the increased scrutiny under which it already finds itself.