An urgent Android security alert has been issued regarding a critical flaw that could allow cybercriminals to bypass a phone’s lock screen. The Donjon security team identified this vulnerability, which poses a serious threat because attackers can exploit it rapidly, gaining access to personal data and all stored information on the device within a minute.
Researchers demonstrated the attack method by connecting a vulnerable phone to a laptop via USB, successfully retrieving the device’s PIN, decrypting its storage, and accessing sensitive files, including data from software wallets, all in less than 60 seconds.
The security flaw, tracked as CVE-2026-20435, impacts specific Android devices powered by MediaTek processors, which are commonly found in many affordable smartphones, putting a significant number of devices at risk.
Experts highlight that the vulnerability enables attackers to extract encryption keys before the system fully boots, effectively circumventing security measures like full-disk encryption and lock screen protection.
Malwarebytes experts explained that the vulnerability affects certain MediaTek SoCs using Trustonic’s TEE, potentially impacting approximately one in four Android phones, particularly lower-priced models. The demonstration showed that connecting a vulnerable phone to a laptop via USB allowed attackers to retrieve the PIN, decrypt storage, and extract seed phrases from various software wallets.
To mitigate the risk, users are advised to check their phone’s processor information by opening Settings > About Phone (or About Device) and looking for details on the processor or model. If the device uses a MediaTek chip, promptly installing available security updates is crucial.
MediaTek has already released a fix for the issue, but individual device manufacturers still need to distribute the update through their own software patches. Keeping devices up to date with the latest software updates is the most effective way to stay protected.
It’s worth noting that this attack requires physical access to the device. By ensuring that your phone is in your possession and regularly updated, the risk of exploitation is significantly reduced. Nonetheless, older devices that no longer receive updates may remain vulnerable, prompting users with aging phones to exercise caution or consider upgrading for enhanced security.