Xiaomi has patched a security flaw in Guard Provider, the default security app included with all recent Xiaomi smartphones.
The vulnerability would have allowed attackers to inject traffic heading towards the Guard Provider app, and insert malicious commands that would have allowed a threat actor to run malicious code to take over the phone, install malware, or steal users’ data.
Source: ZDNet