MediaTek Bug Actively Exploited, Affects Millions of Android Devices

2020-03-03 19:02

Google has addressed a high-severity flaw in MediaTek's Command Queue driver that developers said affects millions of devices - and which has an exploit already circulating in the wild.

The MediaTek bug meanwhile is an elevation-of-privilege flaw discovered by members of XDA-Developers - they said the bug is more specifically a root-access issue.

"Now MediaTek has turned to Google to close this patch gap and secure millions of devices against this critical security exploit."

An XDA community member who goes by "Diplomatic" was looking to gain root access to Amazon Fire tablets, which runs on the Android OS, in order to get rid of what developers said is "Uninstallable bloatware" on the devices.

While the patch is now available, XDA members pointed out that MediaTek chipsets are found in dozens of budget and mid-tier Android devices from many different vendors, so the patching process is likely to take a while.

News URL

https://threatpost.com/mediatek-bug-actively-exploited-android/153408/

#android #mediatek

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Mediatek		61	0	41	27	22	90
Android		4	0	17	2	0	19