Over 30% of Android devices have eavesdropping vulnerabilities, MediaTek is releasing an update to fix the vulnerabilities

MediaTek eavesdropping vulnerabilities

At present, more than 30% of Android devices on the market use chipsets and platform software supplied by MediaTek, and these devices currently carry serious vulnerabilities.

The security company found four high-risk vulnerabilities (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, CVE-2021-0673) in MediaTek chips, some of which have been fixed. The fix only reaches users, however, if the device manufacturer pushes a firmware update.

If the device cannot get an update to fix the vulnerability, it may be exploited by an attacker. According to the security company’s description, the attacker can use the vulnerability to carry out a “massive eavesdrop campaign” without the users’ knowledge.

That is, the user does not need to do anything, such as clicking a link, to be compromised. Once the device is compromised, the attacker can install a backdoor program.

MediaTek offloads audio to a dedicated audio unit on the digital signal processor (DSP) to reduce the load on the main application processor, while also improving the quality and performance of audio playback.

This dedicated audio unit receives audio processing requests from applications in Android userspace through the driver and the IPC system. One would expect such requests to be validated.

In practice, however, the audio driver does not communicate with the DSP directly; the IPI message is forwarded to the system control processor (SCP) for handling.

Because the bounds check is incorrect, an out-of-bounds write is possible, which lets an attacker write malicious code into the DSP and keep it resident in the audio processing path.
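As an added illustration of the bug class described above (this is constructed example code, not MediaTek's code, and the message format, sizes and names are invented since the article does not describe the real IPI format), here is a hypothetical parameter-write handler in C with the incomplete range check beside a hardened version:

```c
#include <stdint.h>
#include <string.h>

/* Constructed message format and sizes for this example (not MediaTek's
 * real IPI format): store len payload bytes at offset in the DSP table. */
#define PARAM_TABLE_SIZE 64u
#define MAX_PAYLOAD      32u
struct ipi_msg {
    uint32_t offset, len;            /* both come from the untrusted caller */
    uint8_t  payload[MAX_PAYLOAD];
};

/* Simulated DSP memory: a guard region right after the table lets an
 * overrun be observed without touching memory outside the struct. */
struct dsp_state {
    uint8_t table[PARAM_TABLE_SIZE];
    uint8_t guard[MAX_PAYLOAD];
};

/* Weak handler: never checks offset + len, so the copy can run past table. */
int handle_weak(struct dsp_state *st, const struct ipi_msg *m)
{
    if (m->offset >= PARAM_TABLE_SIZE || m->len > MAX_PAYLOAD)
        return -1;
    memcpy(st->table + m->offset, m->payload, m->len);
    return 0;
}

/* Hardened handler: also checks that len fits in the room after offset. */
int handle_hardened(struct dsp_state *st, const struct ipi_msg *m)
{
    if (m->offset >= PARAM_TABLE_SIZE || m->len > MAX_PAYLOAD)
        return -1;
    if (m->len > PARAM_TABLE_SIZE - m->offset)   /* subtraction cannot wrap */
        return -1;                               /* would run past the table */
    memcpy(st->table + m->offset, m->payload, m->len);
    return 0;
}

/* -1: rejected; 0: accepted, guard intact; 1: accepted, guard overwritten. */
int probe(int (*handler)(struct dsp_state *, const struct ipi_msg *),
          uint32_t offset, uint32_t len)
{
    struct dsp_state st;
    struct ipi_msg m = { .offset = offset, .len = len };
    memset(&st, 0, sizeof st);
    memset(m.payload, 0xAA, sizeof m.payload);
    if (handler(&st, &m) != 0) return -1;
    return st.guard[0] != 0;
}
```

Running `probe(handle_weak, 60, 8)` returns 1 because the weak handler accepts a message whose eight bytes start at offset 60 of a 64-byte table, while the hardened handler rejects the same message.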

In principle, this vulnerability allows an attacker to escalate privileges on any affected MediaTek device and then install malicious software, which in turn enables complete monitoring of the entire device.

Any discussion of Android vulnerabilities inevitably turns to how older devices get updated. MediaTek has repaired the vulnerabilities and submitted the fixes to Google for distribution.

For example, three of the four vulnerabilities discovered this time were fixed in October, and the corresponding fixes have been merged into the Android patch that manufacturers push to devices.

If a device can get the patch update, the vulnerability will not have much impact. The problem is that many old devices simply cannot get the update and therefore cannot be fixed, and MediaTek did not provide a mitigation plan for them.

The only thing users can do is install apps from trusted sources. For older Android devices, this appears to be the only step users can take to improve security.