Duo Labs recently reported that 57% of all Android devices are exposed to a critical encryption bypass vulnerability, originally revealed in a series of blog posts by Gal Beniamini in January 2016.


In the series, Beniamini explains that the vulnerability affects any Android device using a Qualcomm processor, which is significant given that Qualcomm produces approximately 60% of all processors used in Android phones and tablets. According to Beniamini, an attacker can take control of an Android device by exploiting a Qualcomm chip vulnerability tracked as CVE-2015-6639.


Duo Labs released a report showing that, at the time of Beniamini’s posts, 60 percent of all Android devices were affected by the vulnerability. Shortly thereafter, Google released a patch to neutralize it. However, because most manufacturers failed to push the update in a timely manner, most Android devices remain at risk.


On June 30, Beniamini demonstrated another exploit that lets an attacker bypass Android’s full disk encryption, even on devices with the January 2016 patch from Google. The vulnerability (tracked as CVE-2016-2431 and also uncovered by Beniamini) shows how an attacker can break through all trust and privilege levels on Android devices to access sensitive and secret information, such as keys for DRM.




Google is aware of the newer vulnerability (CVE-2016-2431) and released a patch for it in May, but manufacturer response to the update has again been slow, and as a result 57% of Android devices are still at risk. Duo reports that the number of affected devices has decreased slightly because Google and Samsung have pushed updates for their popular Nexus and Galaxy models, but most other manufacturers have yet to push the May update from Google to their users.


Duo recommends that Android users apply the May 2016 patch as soon as possible. If the maker of your Android device has not pushed an update, Duo recommends you contact the manufacturer and ask them to do so immediately.