A backdoor in Android firmware provided by manufacturer Foxconn allows attackers to root devices to which they have physical access, according to a security researcher and barbecue enthusiast who dubbed the vulnerability Pork Explosion.Jon Sawyer (who also goes by jcase online) discovered the vulnerability at the end of August, and publicized it on his blog on Wednesday, a day after smartphone vendor Nextbit, which was one of the most heavily affected OEMs, released a fix for the problem.+ALSO ON NETWORK WORLD: Hardcore fans mourn the death of Nexus by denouncing the Pixel + Darkweb marketplaces can get you more than just spam and phishAccording to Sawyer, Pork Explosion allows attackers that have physical access to an affected device to gain a root shell. The heart of the problem is a rogue fastboot command, which bypasses every authentication and security measure present and reboots the phone into a factory test mode. Simply put, Sawyer said, this is a method that allows attackers to completely compromise an affected device over a USB connection, providing full access to the device’s data and offering the ability to unlock the bootloader without modifying user data.“While it is obviously a debugging feature, it is a backdoor,” he wrote. “It isn’t something we should see in modern devices, and it is a sign of great neglect on Foxconn’s part.” Not every Foxconn-made phone is affected – only those that use Foxconn’s own firmware. Sawyer said that vendors InFocus and Nextbit were definitely affected, and it’s probable that “many more” also have vulnerable devices.Sawyer’s blog post also describes how to check whether a device is vulnerable to Pork Explosion, which requires a look at the Android internal partition table. Related content news analysis DHS unveils one common platform for reporting cyber incidents Ahead of CISA cyber incident reporting regulations, DHS issued a report on harmonizing 52 cyber incident reporting requirements, presenting a model common reporting platform that could encompass them all. By Cynthia Brumfield Sep 25, 2023 10 mins Regulation Regulation Regulation news Chinese state actors behind espionage attacks on Southeast Asian government The distinct groups of activities formed three different clusters, each attributed to a specific APT group. By Shweta Sharma Sep 25, 2023 4 mins Advanced Persistent Threats Cyberattacks feature How to pick the best endpoint detection and response solution EDR software has emerged as one of the preeminent tools in the CISO’s arsenal. Here’s what to look for and what to avoid when choosing EDR software. By Linda Rosencrance Sep 25, 2023 10 mins Intrusion Detection Software Security Monitoring Software Data and Information Security feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Data and Information Security IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe