ZTE and Huawei have both been making efforts to step-up their brand recognition lately, working on going from manufacturers of Android hardware that carriers would label as their own, to companies with higher public profiles. Last fall, the US government started to grow a little concerned about the security issues that might exist as a result of widespread adoption of phones made by these two Chinese companies, and announced plans to investigate. That reaction seemed more than a bit paranoid, but could there have been something to it? The discovery of a secret root-level backdoor in ZTE’s Score M certainly gives us new reason to be concerned.

The backdoor is quite simple in its execution; passing a certain process the hard-coded password “ztex1609523” returns a root shell, with full access to the phone. The discovery was anonymously posted to Pastebin about a week ago. Since then, the find has started garnering attention, prompting ZTE to speak-up about up.

The manufacturer appears to be taking things quite seriously, promising a patch that will remove the backdoor. ZTE also maintains that this is a Score-only problem, and it’s not present on any of the company’s other Androids.

The big question is how that backdoor got there in the first place. For the kind of espionage-y specter the government’s been fearing, this backdoor sounds pretty low-tech; we’d expect something a little more obscured, with the chance for plausible deniability, if this was a serious hacking attempt. However it got there, this is just about the last thing ZTE could have hoped for considering the increased scrutiny under which it already finds itself.

Source: Reuters, Pastebin
Via: Engadget

You May Also Like
Here’s your first real-life look at the Samsung Galaxy Note 20, and it’s gorgeous
But that huge camera bump though!
Here’s your first look at Samsung’s upcoming budget phone – the Galaxy A01 Core
It will reportedly come equipped with a removable battery, a convenience you’ll now rarely come across in the smartphone world.
Redmi 7a
Redmi 7A starts receiving Android 10-based stable MIUI update in India
It also brings the May 2020 Android security patch.