An urgent security alert has been issued for Android users about a critical vulnerability that could allow attackers to bypass a device’s lock screen. The flaw, identified by the Donjon security team, can be exploited in under a minute, exposing personal data and giving an attacker unauthorized access to the device’s contents.
The vulnerability, tracked as CVE-2026-20435, affects Android devices that use MediaTek processors, which are commonly found in budget-friendly smartphones. Security experts say it lets attackers extract encryption keys before the system fully boots, circumventing protections such as full-disk encryption and the lock screen.
Malwarebytes highlighted that this vulnerability affects a considerable number of devices, approximately one in four Android phones, predominantly lower-priced models powered by MediaTek SoCs with Trustonic’s TEE. Researchers demonstrated the exploit by connecting a susceptible phone to a laptop via USB, illustrating how they could retrieve the device’s PIN, decrypt its storage, and access sensitive information from software wallets.
To mitigate the risk, users are advised to check their phone’s processor information in Settings and, if the device runs on a MediaTek chip, promptly install any available security updates. MediaTek has already issued a fix, but it reaches a phone only when that device’s manufacturer distributes it in a software update. Keeping the phone’s software up to date remains essential.
It is important to note that this attack necessitates physical access to the device. By ensuring that the phone is in the user’s possession and consistently updated, the risk of exploitation can be significantly reduced. However, users with older devices that no longer receive updates should exercise caution or contemplate upgrading to a more secure model.
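For anyone checking more than one phone, the chipset and patch-level check described above can be scripted against saved `adb shell getprop` output. This is an added example, not code from Donjon, MediaTek or Malwarebytes; the fixed patch level, the sample dumps and the "mt" + digits naming heuristic are assumptions, and the script does not tell whether a device uses Trustonic’s TEE.

```python
import re
from datetime import date

# One line of `adb shell getprop` output looks like: [key]: [value]
PROP_LINE = re.compile(r"^\[([^\]]+)\]:\s*\[(.*)\]$")
# Assumption: MediaTek platform strings follow the usual "mt" + digits naming.
MTK_PLATFORM = re.compile(r"^mt\d{4}", re.IGNORECASE)

def parse_getprop(text):
    """Turn a getprop dump into a dict, skipping lines that do not parse."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props

def is_mediatek(props):
    """Check the SoC vendor property first, then fall back to platform names."""
    if "mediatek" in props.get("ro.soc.manufacturer", "").lower():
        return True
    return any(MTK_PLATFORM.match(props.get(k, ""))
               for k in ("ro.board.platform", "ro.hardware"))

def triage(text, fixed_level):
    """Classify one device; fixed_level is the patch date the vendor names."""
    props = parse_getprop(text)
    if not is_mediatek(props):
        return "not-mediatek"
    try:
        patch = date.fromisoformat(props.get("ro.build.version.security_patch", ""))
    except ValueError:
        return "mediatek-patch-unknown"   # missing or malformed: check by hand
    return "mediatek-patched" if patch >= fixed_level else "mediatek-needs-update"

# Constructed placeholder, NOT the real fix level (the article does not give one).
EXAMPLE_FIXED_LEVEL = date(2002, 1, 1)
# Constructed sample dumps with made-up platform names and dates.
SAMPLE_DUMPS = {
    "phone-a": "[ro.board.platform]: [mt0000]\n[ro.build.version.security_patch]: [2001-06-05]",
    "phone-b": "[ro.soc.manufacturer]: [Mediatek]\n[ro.build.version.security_patch]: [2002-03-05]",
    "phone-c": "[ro.soc.manufacturer]: [ExampleVendor]\n[ro.board.platform]: [examplesoc]",
}

if __name__ == "__main__":
    for name, dump in SAMPLE_DUMPS.items():
        print(name, triage(dump, EXAMPLE_FIXED_LEVEL))
```

Replace `EXAMPLE_FIXED_LEVEL` with the patch level named in the device manufacturer's own bulletin before relying on the result.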