📔 Topics ℹ️ About 📱 iOS App
Back to all stories
Scope and content: The original finding aid described this as: Capture Date: 5/7/1976 Photographer: MARTIN BROWN Keywords: Larsen Scan Location Building No: 54
Photo: Martin Brown | Public domain | Wikimedia Commons

New MediaTek Android Flaw Lets Thieves Bypass Lock Screens

4h Developing 1 source 3 relevant data

Security researchers have disclosed a serious Android vulnerability, CVE-2026-20435, affecting some phones that use MediaTek processors and Trustonic’s Trusted Execution Environment, allowing attackers with physical access and a USB-connected computer to bypass the lock screen in under a minute. By exploiting the bug during the phone’s early boot process, an attacker can potentially recover the device PIN, unlock encrypted storage and extract sensitive data such as photos, passwords, messages, financial records and even cryptocurrency wallet seed phrases. The flaw is estimated to affect roughly one in four Android phones, particularly budget models, and stems from low-level firmware code rather than anything users can fix themselves. MediaTek says it has issued a firmware patch, but users are dependent on individual phone manufacturers to push security updates, and older or unsupported devices may never be patched. While the attack cannot be carried out remotely, it poses a major risk if a phone is lost, stolen, briefly confiscated or accessed during repair, adding to growing concerns U.S. cybersecurity experts are voicing online about weak long‑term support for cheaper Android devices.

Cybersecurity and Data Breaches Consumer Technology Security

📌 Key Facts

  • Vulnerability CVE-2026-20435 affects some Android phones using MediaTek chips and Trustonic’s Trusted Execution Environment
  • Attack requires physical access and a USB connection during the early boot process, potentially allowing bypass of the lock screen and encrypted storage
  • Researchers estimate roughly one in four Android phones, especially budget models, could be impacted
  • MediaTek has released a firmware patch, but users must wait for their specific phone makers and carriers to issue security updates

📊 Relevant Data

Android users have an average annual salary of $37,040, compared to $53,251 for iPhone users, a 43.7% difference.

iPhone vs Android User Stats (2025 Data) — Exploding Topics

Approximately 40% of all Android phones no longer receive security updates, leaving over a billion devices vulnerable to unpatched flaws like CVE-2026-20435.

Google Issues Android Update—40% Of All Phones Now At Risk — Forbes

Hispanic Americans comprise 24% of cryptocurrency owners but only 16% of the US population, while Black Americans comprise 8% of owners and 10% of the population.

Cryptocurrency Statistics 2024: Investing In Crypto — Bankrate

📰 Source Timeline (1)

Follow how coverage of this story developed over time

April 05, 2026
4:50 PM
Android flaw lets hackers unlock phones in under a minute
Fox News