An urgent security alert has been issued for Android users, warning of a critical vulnerability that could allow cyber attackers to bypass the lock screen on certain devices. The flaw, identified by the Donjon security team, poses a significant risk as hackers can exploit it to access sensitive data stored on the device within a minute.
Researchers demonstrated the exploit by connecting a vulnerable Android phone to a laptop via USB, successfully retrieving the device’s PIN, decrypting its storage, and accessing confidential files, including data from software wallets, in under 60 seconds.
The vulnerability, tracked as CVE-2026-20435, specifically affects Android devices powered by MediaTek processors, which are commonly found in budget-friendly smartphones, potentially putting a large number of devices at risk of exploitation.
Security experts have highlighted that the flaw enables attackers to extract encryption keys before the device fully boots up, effectively bypassing security measures like full-disk encryption and lock screen protection.
According to Malwarebytes, the vulnerability affects MediaTek System-on-a-Chip (SoC) devices using Trustonic’s TEE (Trusted Execution Environment), which reportedly includes about one in four Android phones, particularly lower-priced models.
To mitigate the risk, users are advised to check their phone’s processor information in the Settings menu and promptly install any available security updates for MediaTek chips.
While a fix has been released by MediaTek, it is crucial for users to stay vigilant and keep their devices up to date with the latest software updates, as this is the most effective way to protect against potential exploits.
This attack method requires physical access to the device, so maintaining possession of the phone and regularly updating it can significantly reduce the risk of unauthorized access.
However, users with older devices that no longer receive updates should exercise caution or consider upgrading to newer models for better protection.
