MediaTek security vulnerability allowed root access on devices from Nokia, Amazon, BLU, and otthers

guest · Mar 2, 2020

MediaTek security vulnerability allowed root access on devices from Nokia, Amazon, BLU, Sony, ZTE, and others
Some OEMs have patched it already
March 2, 2020
https://www.androidpolice.com/2020/...es-from-nokia-amazon-blu-sony-zte-and-others/

Security vulnerabilities are unfortunately extremely common in smartphones, given the complexity and varying codebases of most devices. That's why Google has been releasing monthly security patches for years, and if you needed another reason for why those updates are so important, the March 2020 release fixes a critical flaw on many MediaTek devices.

One of the vulnerabilities fixed in the March security patch is CVE-2020-0069, a security flaw that affects the Command Queue driver on devices with certain MediaTek processors.
[...] the vulnerability was first discovered in February 2019 by a developer looking for a way to root Amazon's Fire tablets. The developer, known as 'diplomatic' on the XDA Forums, later released a script that used the vulnerability to temporarily gain root access on Fire tablets.

It was later discovered that the vulnerability, nicknamed 'MediaTek-su,' was also present on many other phones and tablets using MediaTek processors. Here's the full list of confirmed devices, courtesy of XDA Developers: [...]
Click to expand...

Since MediaTek-su is now a year old, some OEMs have already caught on and patched their devices — Fire OS has been fixed for months, for example.
This is also one of the rare examples of an Android security vulnerability that has been exploited in the wild.

Long story short, if you have a phone or tablet with a MediaTek processor, you should install the next system update you get as soon as possible.
Click to expand...

Log in or Sign up

MediaTek security vulnerability allowed root access on devices from Nokia, Amazon, BLU, and otthers

guest Guest

Log in or Sign up

MediaTek security vulnerability allowed root access on devices from Nokia, Amazon, BLU, and otthers

guest Guest

Useful Searches