MediaTek fixes chipset vulnerability that allowed third-party apps to eavesdrop on users

Highlights
  • A vulnerability in MediaTek chipsets allowed third-party apps to eavesdrop on users.
  • MediaTek patched the bug in October via an OTA update.
  • No eavesdropping incidents on MediaTek-powered smartphones have been reported as of now.

MediaTek’s growth has been quite prolific in the smartphone market in the last couple of years, but the chipmaker is in the news this time for the wrong reasons: a vulnerability that allowed certain apps to listen to users. Specifically, the bug was found in recent MediaTek chipsets’ AI and audio processing components, making users vulnerable to privilege escalation attacks from third-party applications. However, MediaTek responded promptly and fixed the issue back in October, and the bug did not affect users even before the fix. Check Point Research today published a research paper detailing the vulnerability.

Check Point Research reverse-engineered the attack on the MediaTek Helio G85-powered Redmi Note 9. According to the Check Point Research team, the process was quite complicated, and the engineers had to reverse engineer the whole undocumented software. The attack takes advantage of four of the vulnerabilities found in the MediaTek chipsets, allowing third-party apps to pass specific commands to the chipset’s AI and audio processing parts.

In simple words, these vulnerabilities would have given malicious apps access to the chipset’s audio interface, which should not happen.

As of now, no such eavesdropping incidents have been reported in the media or by any users. And going forward, there should be no need to worry as MediaTek fixed the issue back in October.

“Regarding the Audio DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to all OEMs. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store,” said Tiger Tsu, Product Security Officer, MediaTek.

There’s no information available on which chipsets or devices were affected by this vulnerability. However, as per Check Point Research’s paper, the exploit could have affected MediaTek chipsets based on the Tensilica APU platform. It should be noted that some of the recent HiSilicon chipsets are also based on the same Tensilica APU. However, it’s not yet confirmed whether these chips are affected by these vulnerabilities.