silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,210
MediaTek fixed security vulnerabilities that could have allowed attackers to eavesdrop on Android phone calls, execute commands, or elevate their privileges to a higher level.
MediaTek is one of the largest semiconductor companies in the world, with their chips present in 43% of all smartphones as of the second quarter of 2021
These vulnerabilities were discovered by Check Point, with three of them (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663) fixed in the October 2021 MediaTek Security Bulletin, and the fourth (CVE-2021-0673) fixed by a security update coming next month.
These flaws mean that all smartphones using MediaTek chips are vulnerable to eavesdropping attacks or malware infections that require no user interaction if the security updates are not installed.
There will likely never receive a security update for a notable number of older devices that vendors no longer support.
Mediatek eavesdropping bug impacts 30% of all Android smartphones
MediaTek fixed security vulnerabilities that could have allowed attackers to eavesdrop on Android phone calls, execute commands, or elevate their privileges to a higher level.
www.bleepingcomputer.com