MediaTek Confirms Software Bug Making Android Devices Vulnerable To Attack, Promises Fix
MediaTek responds to a security issue that has been found to affect a number of Android handsets and tablets that are powered by the company's chipsets.
The company has confirmed the vulnerability and explained how it came to exist, while being cautious in providing other details in their statement.
Justin Case, a security researcher, was the first to take notice of the issue, revealing that the bug can allow a root user to maliciously attack a vulnerable device.
"Root user could do many things, such as access data normally protected from the user/other apps, or brick the phone, or spy on the user, monitor communications etc.," says Case in a statement to Gadgets 360.
Some of the private data that can be potentially exploited include photos and contacts. Moreover, the said bug is also capable of monitoring all traffic remotely.
Case also reveals that the software bug uses a "backdoor" that allows the root access. Once a user or a malicious app gains root access, it can lead to an increased root user privilege that would alter the device's normally restricted read only properties.
"So Mediatek broke basic security features to have this backdoor work," tweets Case. "Readonly properties are NOT read only!"
MediaTek explains the source of the vulnerability. Before shipping devices, smartphone makers have to conduct tests using the de-bug feature to ensure everything works well. However, after completing those tests, they should disable the feature prior to releasing the devices to end users.
"We are aware of this issue and it has been reviewed by MediaTek's security team," says a spokesperson for MediaTek. "It was mainly found in devices running Android 4.4 KitKat, due to a de-bug feature created for telecommunication inter-operability testing in China."
After an investigation, the company has learned that some of these manufacturers failed to disable the feature, which resulted in the security issue that Case now brought to the company's attention.
MediaTek has replied to Case in a tweet, mentioning that it's currently working on a fix and it will address further security concerns through the company's Product Security Taskforce.
"Hi, we have been working on a patch and expect it to be ready shortly," tweets MediaTek. "Thanks for being on the lookout though. Inputs always welcome!"
When asked for more details such as the specific smartphone models and how many handsets are in fact affected, MediaTek said that only a portion of devices were affected and they have already alerted all concerned manufacturers on the matter.