A U.S. based cybersecurity firm has published a report detailing 146 new Android security flaws found within first-party apps and services.
While a vast majority of these services are from Asian manufacturers, some global heavyweights like Samsung and Asus are included in the roundup.
What’s concerning about this report is that these are pre-installed apps and services, so users can’t get rid of the affected code on their phones.
The Cybersecurity firm is called Kryptowire and was contracted by the U.S. Department of Homeland Security.
Most of the affected devices are brands that don’t usually make it to Canada, such as Xiaomi, BQ, Doogee and more.
Wired has reported that Samsung claims two of the vulnerabilities on its devices are the handiwork of contracted developers, and the other four are rendered harmless by the Android Security Framework.
Kryptowire doesn’t believe Samsung’s claim, according to Wired.