A series of critical security vulnerabilities have been discovered in MediaTek chipsets, affecting over 1.5 billion active Android devices worldwide. MediaTek, a leader in mobile chipset production and the second-largest global provider of smartphone chipsets, powers a wide array of Android tablets, smartphones, and smart-feature phones. Known for integrating advanced 5G, AI, and connectivity solutions, the company now faces scrutiny due to these security flaws, which could enable attackers to exploit systems without user interaction.
One of the most severe vulnerabilities, tracked as CVE-2024-20125, involves an out-of-bounds write in the vdec component. This flaw can allow attackers to escalate privileges to system-level execution, posing a critical threat to affected devices running Android 13 and 14. MediaTek’s security bulletin also highlights medium-severity vulnerabilities, such as CVE-2024-20130, a stack overflow in the power component, and CVE-2024-20135, an out-of-bounds write in the soundtrigger component, both of which can result in privilege escalation. Denial-of-service vulnerabilities, including CVE-2024-20129 and CVE-2024-20128, were also identified in the telephony component, impacting devices running Android versions 13, 14, and 15.
The impact of these vulnerabilities extends beyond Android. Platforms like openWRT, Yocto, and RDK-B are also affected by flaws such as CVE-2024-20136, which involves an out-of-bounds read in the DA component, potentially leading to local information disclosure. Additionally, vulnerabilities in MediaTek’s WLAN and Bluetooth components could allow client disconnection and data leaks across multiple software development kits and platforms. These vulnerabilities demonstrate the extensive reach of MediaTek chipsets across various technology ecosystems.
MediaTek has urged device manufacturers and users to implement the latest patches to mitigate risks and prevent potential exploitation. The company has established a reporting mechanism on its website for users to disclose additional vulnerabilities. This incident underscores the importance of continuous security monitoring and timely software updates to safeguard devices and data in an increasingly interconnected world.
Reference:
