ZTE Score M Has A Secret Backdoor; Fix Promised

ZTE and Huawei have both been making efforts to step-up their brand recognition lately, working on going from manufacturers of Android hardware that carriers would label as their own, to companies with higher public profiles. Last fall, the US government started to grow a little concerned about the security issues that might exist as a result of widespread adoption of phones made by these two Chinese companies, and announced plans to investigate. That reaction seemed more than a bit paranoid, but could there have been something to it? The discovery of a secret root-level backdoor in ZTE’s Score M certainly gives us new reason to be concerned.

The backdoor is quite simple in its execution; passing a certain process the hard-coded password “ztex1609523” returns a root shell, with full access to the phone. The discovery was anonymously posted to Pastebin about a week ago. Since then, the find has started garnering attention, prompting ZTE to speak-up about up.

The manufacturer appears to be taking things quite seriously, promising a patch that will remove the backdoor. ZTE also maintains that this is a Score-only problem, and it’s not present on any of the company’s other Androids.

The big question is how that backdoor got there in the first place. For the kind of espionage-y specter the government’s been fearing, this backdoor sounds pretty low-tech; we’d expect something a little more obscured, with the chance for plausible deniability, if this was a serious hacking attempt. However it got there, this is just about the last thing ZTE could have hoped for considering the increased scrutiny under which it already finds itself.

Source: Reuters, Pastebin
Via: Engadget

Share This Post

Watch the Latest Pocketnow Videos

About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bits Read more about Stephen Schenck!