A critical Android security alert has been issued, urging owners of specific smartphones to take immediate action. The warning stems from a significant vulnerability that could enable hackers to bypass a phone’s lock screen swiftly. This flaw, identified by the Donjon security team, poses a serious threat as cybercriminals could potentially gain access to sensitive information stored on the device within a minute.
Researchers conducted tests to demonstrate the exploit. By linking a vulnerable phone to a computer via USB, they successfully retrieved the device’s PIN, decrypted its data, and accessed confidential files, including data from software wallets, all in under 60 seconds.
Identified as CVE-2026-20435, this vulnerability impacts specific Android devices utilizing MediaTek processors. Given the widespread use of these chips, particularly in budget-friendly smartphones, a substantial number of devices could be at risk.
Security experts emphasize that the flaw enables attackers to extract encryption keys before the system fully initializes, effectively circumventing security measures like full-disk encryption and lock screen protection.
According to Malwarebytes, the vulnerability affecting MediaTek System-on-a-Chip (SoC) devices utilizing Trustonic’s Trusted Execution Environment (TEE) could impact approximately one in four Android phones, mostly lower-end models.
The researchers illustrated the vulnerability by connecting a susceptible phone to a laptop via USB, showcasing how they could bypass the phone’s security measures to retrieve the PIN, decrypt the storage, and extract seed phrases from various software wallets.
To mitigate the risk, users are advised to check their phone’s processor information by navigating to Settings > About Phone (or About Device) and reviewing the processor details. If the device utilizes a MediaTek chip, it is crucial to promptly install any available security patches.
MediaTek has already released a fix for the vulnerability, though individual device manufacturers must distribute it through software updates. Keeping the phone up to date with the latest patches is vital for enhanced security.
It is important to note that this attack requires physical access to the device. By ensuring the phone remains in the user’s possession and receives regular updates, the risk of exploitation is significantly reduced.
However, older devices that no longer receive updates may remain vulnerable, prompting users with aging phones to exercise caution or consider upgrading to a more secure device.
At Reach and across our entities , we and our partners utilize data collected through cookies and other identifiers from your device to enhance your site experience, analyze usage patterns, and deliver personalized ads. You can opt out of data sharing at any time by clicking the “Do Not Sell or Share my Data” button at the bottom of the page. Please be aware that these preferences are specific to your browser. Your use of our website and services indicates consent to the use of cookies as detailed in our <a data-testid="cipa-privacy-notice-link" href="https://