Severe MediaTek exploit affects millions of Android devices, some may never be patched

Ben Schoon | Mar 3 2020 - 8:57 am PT

Overall, Android is a pretty secure operating system, but bugs and exploits can form anywhere, and eventually they do. This week, a severe security exploit was revealed relating to MediaTek chipsets, and the bad news is that many devices affected probably won’t ever be patched.

Highlighted by XDA-Developers, this severe MediaTek security exploit comes in the form of a root toolkit. The vulnerability itself is lodged within the CPU’s firmware that allows a simple script to root any Android devices using affected CPUs, and that list is very long, with “virtually all” of MediaTek’s 64-bit CPUs affected.

We won’t get into the deep details of how this all works here — you can head over to XDA for the full deep dive — but to make a long story short, this security exploit on MediaTek devices affects millions of Android devices. Specifically, it affects the super-cheap devices such as some of Amazon’s Fire tablets, some Huawei and Honor smartphones, and many, many more.

What can be done using this exploit? Without the user’s knowledge, a rogue app can achieve root access on an Android device, potentially causing a lot of harm to the entire system. Root can be a good thing when used properly, but a malicious hacker could have a field day with the access it provides.

This exploit has been sitting pretty much undetected for several months at this point because MediaTek can’t fix it directly. Rather, the chipmaker had to turn to Google to patch the exploit through an Android security update. With the March security update that’s already available for Pixel and some Samsung devices, Google patches this exploit, but the sad fact is that many of the devices affected by this issue will never be patched.

XDA discovered and reached out to Google about this vulnerability in early February, but the company requested that the story not be published until the March update was available, fearing the potential repercussions for users. What’s strange, though, is that Google has waited this long to implement the fix given that MediaTek made information regarding the fix available over 10 months ago through a TrendMicro report.

Whatever the case, fixes are now available for this horrible, horrible bug. If you’re concerned about your device being affected, you’ll first want to check if you’re using a 64-bit MediaTek CPU. If you are, you can test to see if your device is vulnerable at this link. Notably, too, Android 10 devices are immune to this exploit.