MediaTek: Security holes in MediaTek processors, present in 37% of cell phones worldwide, allowed cybercriminals to spy on the owners of those phones, if exploited. The vulnerabilities were discovered by Check Point Research and released this Wednesday (24).
According to the cybersecurity company, the gaps were in the artificial intelligence (AI) unit and the audio processing (DSP) of MediaTek Dimensity series chips, including newer versions. These components feature the Tensilica Xtensa microarchitecture, which reduces CPU usage and improves media performance.
And this last area was where the problem lay, as it holds a set of customized basic instructions to ensure the correct functioning of the AI and audio units. With the use of specific codes, malicious users could break into the platform, taking advantage of an Android app, and reprogram the chip to spy on the phone.
By reverse engineering MediaTek’s audio DSP firmware on a Xiaomi Redmi Note 9 5G smartphone with a Dimensity 800U chip, the researchers were able to attest to the vulnerabilities. According to them, an attack on the component would make it possible to access system data and manipulate them to carry out espionage or other activities.