An urgent security alert has been issued for Android users, warning them of a critical vulnerability that could be exploited by cybercriminals to bypass the lock screen on certain devices. The flaw, discovered by the Donjon security team, poses a significant risk as attackers can potentially gain access to personal data and all stored information within a minute.
Researchers demonstrated the exploit, showcasing how connecting a vulnerable phone to a laptop via USB allowed them to retrieve the device’s PIN, decrypt its storage, and access sensitive files, including data from software wallets, in under 60 seconds.
The security vulnerability, identified as CVE-2026-20435, impacts Android devices powered by MediaTek processors, which are commonly found in budget-friendly smartphones, making a substantial number of devices susceptible to this threat.
According to experts, the flaw enables attackers to extract encryption keys before the system fully boots, effectively bypassing security measures like full-disk encryption and lock screen protection.
Malwarebytes highlighted that the vulnerability affects MediaTek SoCs utilizing Trustonic’s TEE, potentially impacting around one in four Android phones, particularly lower-cost models. In the researchers' demonstration, the data taken from software wallets included their seed phrases.
To mitigate the risk posed by this vulnerability, users are advised to check their phone’s processor information under Settings > About Phone (or About Device) to determine if it runs on a MediaTek chip. If so, they should promptly install any available security updates. MediaTek has already released a fix, but individual device manufacturers need to distribute it through software updates, so keeping devices up to date is crucial for protection against such threats.
It is important to note that this attack requires physical access to the device. By ensuring your phone is in your possession and regularly updated, the risk is significantly reduced. However, older devices that no longer receive updates may remain vulnerable, prompting users with aging phones to exercise caution or consider upgrading for enhanced security.
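For administrators checking more than a handful of phones, the Settings > About Phone check described above can be run over saved `adb shell getprop` output. This is an added example, not part of the original article or of any vendor tool; the `mt` prefix heuristic, the sample dump and the required patch date you pass in are assumptions, and the script cannot tell whether a device uses Trustonic’s TEE.

```shell
#!/bin/sh
# Triage `adb shell getprop` output: MediaTek SoC? Patch level older than required?
# Constructed sample dump (not from a real device):
SAMPLE_DUMP='[ro.soc.manufacturer]: [Mediatek]
[ro.board.platform]: [mt6765]
[ro.build.version.security_patch]: [2025-01-05]'

# prop DUMP KEY -> value of the "[KEY]: [value]" line (CRs from adb stripped)
prop() {
    printf '%s\n' "$1" | tr -d '\r' | sed -n "s/^\[$2\]: \[\(.*\)\]\$/\1/p" | head -n 1
}

# is_mediatek DUMP -> 0 if the SoC properties point to MediaTek (heuristic)
is_mediatek() {
    vendor=$(prop "$1" ro.soc.manufacturer | tr 'A-Z' 'a-z')
    case "$vendor" in *mediatek*) return 0 ;; esac
    for key in ro.board.platform ro.hardware; do
        case "$(prop "$1" "$key" | tr 'A-Z' 'a-z')" in mt[0-9]*) return 0 ;; esac
    done
    return 1
}

# patch_is_older DUMP DATE -> 0 if the patch level is missing or before DATE
patch_is_older() {
    level=$(prop "$1" ro.build.version.security_patch)
    [ -n "$level" ] || return 0          # unknown level: flag for review
    # ISO dates (YYYY-MM-DD) compare correctly as strings
    expr "x$level" \< "x$2" >/dev/null
}

# triage DUMP DATE -> one-word verdict for an inventory sheet
triage() {
    if ! is_mediatek "$1"; then echo "not-mediatek"
    elif patch_is_older "$1" "$2"; then echo "mediatek-needs-update"
    else echo "mediatek-at-required-level"
    fi
}

# Usage: sh triage.sh getprop.txt REQUIRED_DATE  (date from your manufacturer's bulletin)
if [ "$#" -eq 2 ]; then triage "$(cat "$1")" "$2"; fi
```

A device that reports no patch level at all is deliberately flagged as needing an update so that it gets a manual look.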
