MediaTek Chip Flaw Could Have Let Attackers Spy on Android Phones

MediaTek systems-on-a-chip are embedded in more than one-third of smartphones and IoT devices around the world.

Newly discovered vulnerabilities in MediaTek chips, embedded in 37% of smartphones and Internet of things (IoT) devices around the world, could have enabled attackers to eavesdrop on Android users from an unprivileged application.
The vulnerabilities specifically exist in a part of the MediaTek system-on-chip that handles audio signals, Check Point Research explained in a blog post. Modern MediaTek chips, which are built into high-end phones from Xiaomi, Oppo, Realme, and Vivo, have an artificial intelligence (AI) processing unit (APU) and audio digital signal processor (DSP) to boost media performance and reduce CPU usage.
Researchers say the goal of their analysis was to find a way to attack the audio DSP from an Android phone. The team reverse-engineered the MediaTek audio DSP firmware to find several flaws that are accessible from the Android user space, they report.
They found that an unprivileged Android application could abuse the AudioManager API by setting a crafted parameter value to attack a vulnerability in the Android Aurisys hardware abstraction layer (HAL) (CVE-2021-0673). By chaining this bug with flaws in the OEM partners libraries, the MediaTek security flaw Check Point found could lead to local privilege escalation from an Android app. With this, an Android app may be able to send messages to the audio DSP firmware.
Three other vulnerabilities in the audio DSP itself (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663) may allow an attacker to perform additional malicious actions, such as to hide and execute code within the audio DSP chip.
The flaws discovered in the DSP firmware have been patched and published in the October 2021 MediaTek Security Bulletin, Check Point reports. CVE-2021-0673 was fixed in October and will appear in the December 2021 MediaTek Security Bulletin.
Read Check Point Researchs
blog post
and
technical write-up
for more information.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
MediaTek Chip Flaw Could Have Let Attackers Spy on Android Phones