"This is highly problematic as it allows anybody -- without any password -- to remotely access these devices as 'root'* -- the administrator mode -- and then silently install software and execute malicious functions," Beaumont says.
The researcher also noted that while root access should not be available in non-development builds, a bypass does apparently exist on some devices.
Unfortunately, threat actors appear to be well aware that this security oversight is so widespread.
It appears that thousands of unique IP addresses are scanning for the open port in any 24-hour window at present, with a massive surge in port 5555 scanning recorded from 1 February 2018.
"It is worth keeping in mind that because of Network Address Translation and dynamic IP reservations it is difficult to know the exact number of devices. But it is safe to say: "a lot,"" the researcher added.
Prompted by the renewed interest in the ADB issue, the Internet of Things (IoT) search engine Shodan has added the capability to look for port 5555. Indexing is still taking place, but the number of exposed devices has surged to over 15,000.
The majority of exposed devices are in Asia, including China and South Korea.
"These are not problems with Android Debug Bridge itself," Beaumont said. "ADB is not designed to be deployed in this manner."