Outlining their findings online, Trend Micro said: “We found a number of vulnerabilities in the application named SHAREit. The vulnerabilities can be abused to leakage a user’s delicate data and carry out approximate code with SHAREit permissions by utilizing a malicious code or app. They can likewise potentially result in Remote Code Execution (RCE).
“In the past, vulnerabilities that can be used to download and take files from users’ devices have likewise been related to the app. While the app allows the transfer and download of various file types, such as Android Package (APK), the vulnerabilities connected to these features are probably unintended defects.
“SHAREit has over 1 billion downloads in Google Play and has been named as one of the most downloaded applications in 2019. Google has been informed of these vulnerabilities.”
According to the Google Play Store, the last time SHAREit was upgraded was on February 9, which was prior to the Trend Micro research was released. The file-sharing app, which lets users exchange photos, music, videos and GIFs, in overall has 1.8 billion users worldwide. According to App Annie, SHAREit was one of the top 10 most downloaded apps in the world in 2019.