Cybersecurity researchers have identified a critical flaw in the Android smartphones built by Samsung, Huawei, LG, and Sony, whereby a bad actor could potentially infiltrate a victim’s phone using a phony provisioning message. Mobile operators send out provisioning messages as SMS texts when they make internal changes to their systems, and the messages request user approval to change the device’s network settings. The vulnerability was disclosed to the smartphone makers in March this year. Forbes reported estimates that as many as 1.25 billion Android users could be at risk.