Millions of Xiaomi smartphones are vulnerable to a dangerous remote code execution (RCE) vulnerability that could grant attackers complete control of handsets.
The vulnerability, now patched, exists in MIUI – Xiaomi’s own implementation of the Android operating system – in versions prior to MIUI Global Stable 7.2 which is based on Android 6.0.
The flaw, discovered by IBM X-Force researcher