ZTE said that one of its mobile handsets sold in the US has a vulnerability that could potentially allow third parties to take control of the device, reports Reuters.

Researchers found the “highly unusual” security hole, which allows anyone with a hardwired password to access the affected phone, on ZTE’s Android-powered Score device.The password to access the device is available online.

In an emailed statement to Reuters, the company said it is “actively working” on a security patch to solve the issue with an update due to be made available in the “very near future.”

Reports of the Score vulnerability emerged on the pastebin.com code sharing website this week, with other reports suggesting the ZTE Skate and other models also have the same issue. ZTE admitted the problem with the Score, but denied it affects any of its other phones.

The Chinese handset vendor is already being scrutinised by US authorities, along with fellow Chinese company Huawei, due to concerns they are connected to the Chinese government. Both companies deny any link.

However, concerns about security have until now been related to telecommunications infrastructure equipment that both companies make, rather than consumer devices.