A major vulnerability has been identified in MediaTek processors used on Android devices. The vulnerability is reported to affect millions of Android devices.
Although Android is a safer operating system with the measures taken by Google, security vulnerabilities can appear everywhere. This week, a vulnerability has been discovered in MediaTek chipsets, and worse still, most of the affected devices will not be fixed.
The vulnerability uncovered by XDA-Developers comes in the form of root toolkit. This vulnerability is included in the firmware of the processor and allows access to the root directory of any Android device using affected processors with a simple command. The bad news is that almost all of MediaTek’s 64-bit processors are vulnerable.
Amazon, Nokia, BLU, Sony and ZTE are affected:
Millions of Android devices with MediaTek processors are reported to be affected by this vulnerability. The vulnerability has specifically affected affordable devices such as Amazon’s Fire tablets and some Huawei and Honor smartphones. Affected device brands include Nokia, BLU, Sony and ZTE. So what could this vulnerability cause? For example, a malicious application can access a device’s root directory, potentially damaging the entire system.
The reason the deficit has remained unnoticed so far is that MediaTek could not fix it. Instead, the company asked Google to patch it through an Andorid security update. With the security update in March, Google patched this vulnerability on Pixel and some Samsung devices, but the sad truth is that many devices affected by this issue will not be patched.
XDA-Developers noticed the deficit in early February, but reached Google, but asked Google not to announce this information until the security update to be released in March, avoiding user feedback. The interesting thing is that MediaTek had been waiting for so long for the patch, even though it reported this deficit 10 months ago.