Jump to content
  • Millions of smartphones with MediaTek processors were vulnerable to hacking


    At the beginning of each month, Google publishes a report on Android device vulnerabilities discovered by the search giant itself or other companies. The new document was an unpleasant surprise for owners of devices with MediaTek chips, millions of which were exposed to a dangerous vulnerability that allows you to easily "open" the protection of the gadget.

    Millions of smartphones with MediaTek processors were vulnerable to hacking

    The CVE-2020-0069 rootkit, called MediaTek-su, allows you to get root access and "open" the SELinux core for any application installed on the device, successfully bypassing the standard Android restrictions. The vulnerability was first discovered on the Amazon Kindle Fire tablet, but later it turned out that the script also works on many other gadgets.

    According to the authors of the study, the list of vulnerable chips contains “almost all” 64-bit MediaTek processors, including MT6735, MT6737, MT6738, MT6739, MT6750, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6763, MT6765, MT6771, MT6779, MT6795, MT6797, MT6799, MT8163, MT8167, MT8173, MT8176, MT8183, MT6580 and MT6595.

    According to XDA-Developers, the exploit allows an attacker to completely take control of a victim’s smartphone - install new applications, change permissions for existing ones and gain access to personal data. Although after rebooting, the script’s access to the root system is reset, a malicious application may restart it every time the gadget is turned on.

    Millions of smartphones with MediaTek processors were vulnerable to hacking

    MediaTek has already released a software patch to prevent exploitation of the vulnerability, but the pace of its distribution depends on OEM manufacturers. They should include the “patch” in updates of proprietary firmware. The company also turned to Google for help - it is reported that from March of this year, the patch will be included in monthly Android security updates. At the same time, owners of old gadgets whose firmware is no longer officially updated are still at risk.


    User Feedback

    Recommended Comments

    There are no comments to display.



    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    Loading...

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.