If you own a MediaTek based Android phones – don’t panic – but a high-severity flaw in MediaTek’s command queue driver is being exploited by cybercriminals.
The MediaTek bug, discovered in April 2019 but not made public until now, is an elevation-of-privilege flaw (CVE-2020-0069) discovered by members of XDA-Developers (Forum here).
As is customary the bug notices remained silent to allow MediaTek time to develop a patch – which it has done. The problem is that unlike a Google Security Patches this has to be issued by the handset manufacturer and – well we know how bad they can be.
The chip models on which the vulnerability is present, and then shared the list : MT6735, MT6737, MT6738, MT6739, MT6750, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6763, MT6765, MT6771, MT6779, MT6795, MT6797, MT6799, MT8163, MT8167, MT8173, MT8176, MT8183, MT6580 and MT6595.
This includes smartphones and tablets (some Amazon Fire tablets) using MediaTek chips. This means thousands of obscure OEM/ODM models and millions of low-to-mid range handsets using Android 7 or later.
Frankly – if you have not received a very recent firmware update for your phone (not just a Google security update) you should avoid using it for any online banking or secure purposes. Google has also addressed it in the March 2020 security update.
GadgetGuy’s take – don’t panic if you have a MediaTek based Android phone
We usually refrain from any sensationalism and sky is falling stuff. This verges on serious because Trend Micro has identified Play Store Apps that carry the payload.
As a precaution you should be running a paid Antimalware solution from a reputable company as these can prevent infection.
You can see MediaTek based phones we have reviewed here