Charger Vulnerability
Experts at Tencent Security Xuanwu Lab discovered a serious vulnerability that allows you to remotely control the charging process of your smartphone if you wish. In particular, one of the indicators can be increased, as a result of which the smartphone will simply burn out. Moreover, it is possible that this will entail physical ignition, which can lead to a fire.
Possibly billions of smartphone users at risk. New vulnerability allows to “burn” a mobile device
The vulnerability was called BadPower. It is unclear exactly how large the problem is, but out of 35 smartphone charger sources tested, 18 had the vulnerability. If we assume that the indicator is generally about the same, then this is roughly half of all devices in the world.
At the same time, 11 of the tested devices allowed all manipulations to be performed remotely, while in the remaining seven cases physical access to the device was needed.
The problem itself is due to the fact that manufacturers leave the possibility of flashing the charger via USB. Actually, the problem can be solved in the same way – just release the appropriate firmware. But will the manufacturers do this? Here you can immediately recall the recent story about the Xiaomi charger, so we have confirmation of the existence of a security hole even before the appearance of the Tencent report. It is also worth noting that the report says specifically about a charger with fast charging technology, but today these are practically all new devices.