An urgent security warning has been issued for Android users, cautioning them not to overlook a critical flaw that could be exploited by cybercriminals to bypass the lock screen on certain smartphones. The vulnerability, identified by the Donjon security team, allows attackers to swiftly gain access to personal data and all stored information on the device. Researchers demonstrated the exploit by connecting a vulnerable phone to a laptop via USB, revealing how they could retrieve the device’s PIN, decrypt its storage, and access sensitive files in under a minute.
The security risk, known as CVE-2026-20435, impacts Android devices equipped with MediaTek processors. These processors, commonly found in budget-friendly smartphones, put a substantial number of devices at potential risk. Security experts explain that the flaw enables attackers to extract encryption keys before the system fully boots, effectively circumventing protections such as full-disk encryption and lock screen security.
Malwarebytes highlighted the severity of the issue, emphasizing that the vulnerability affects a significant portion of Android phones featuring MediaTek SoCs utilizing Trustonic’s TEE. The demonstration showcased how attackers could exploit the vulnerability to retrieve PINs, decrypt storage, and extract seed phrases from software wallets.
To mitigate the risk, users are advised to check their phone’s processor information under Settings > About Phone (or About Device) and promptly install any available security updates if their device runs on a MediaTek chip. MediaTek has already released a fix, which will be distributed by individual device manufacturers through software updates. Regularly updating the phone is crucial for enhanced protection against such vulnerabilities.
Notably, this attack necessitates physical access to the device. By keeping the phone secure and up to date, the risk of exploitation is significantly reduced. However, users with older devices that no longer receive updates should exercise caution or consider upgrading to mitigate potential security threats.