Security researchers from Check Point Research discovered a vulnerability in MediaTek's chips that could be exploited to eavesdrop on users. Fortunately this gap has been patched by MediaTek.
In its report, Check Point said the gap was found in the AI and audio processing components in the MediaTek chipset. This loophole allows malicious applications to launch a 'privilege escalation attack'.
Simply put, third-party apps with appropriate code could access AI and audio-related information, and could theoretically be used by hackers to eavesdrop on phone owners.
Check Point explained that this vulnerability is quite complex and its research team had to reverse engineer the process. This exploit exploits four security holes found in MediaTek firmware that allow applications to send specific commands to audio interfaces.
In other words, a malicious application can gain access to parts of the audio interface that would otherwise be inaccessible.
The list of affected devices or chipsets is not available. But it looks like this vulnerability is found in all MediaTek Dimensity chipsets and other MediaTek chipsets that use the 'Tensilica' AI processing unit (APU) platform.
Other chipsets that use this APU include the MediaTek Helio G90 and P90. Several Kirin chipsets made by Huawei also use this APU, but it is not known if other implementations are affected, as quoted from Android Police, Friday (11/26/2021).
This gap is potentially dangerous considering that MediaTek dominates the global chipset market with a 43% market share. Check Point estimates that MediaTek chipsets are used by a third of mobile phones worldwide.
But users need not worry because MediaTek has already patched this vulnerability and made sure this vulnerability is never exploited. The related loophole has also been fixed since October 2021.
"Regarding the Audio DSP vulnerability reported by Check Point, we are working hard to validate the issue and provide mitigation for all OEMs," said MediaTek Product Security Officer Tiger Hsu in a statement.
"We have no evidence that this vulnerability is being exploited. We encourage users to update their devices when a fix is available and only install apps from trusted locations such as the Google Play Store," he continued.
