Mediatek Releases Patch To Fix Eavesdropping Bugs

Share post:

Mediatek, a semiconductor manufacturer, has released a patch to address several vulnerabilities that allow attackers to intercept Android phone calls, execute commands, or elevate their privileges to a higher level.

The vulnerabilities include CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, which were all fixed in October, and CVE-2021-0673, which will be fixed in the upcoming update.

Since 43% of smartphones use Mediatek chips, the bug ensures that these devices are vulnerable to eavesdropping or malware infections while the update is not installed.

With these vulnerabilities in the hands of an attacker, several malicious activities could be carried out, including local privilege escalation attacks, sending messages to the DSP firmware, and most recently executing hidden code on the DSP chip.

Those using a MediaTek device that works on an older patch level should install mobile protection software from a verified vendor and refrain from risky practices such as installing APKs outside the Play Store.

For more information, read the original story in BleepingComputer.

SUBSCRIBE NOW

Related articles

Russian State-Backed Cyber Attack Exploits Zero-Day Vulnerabilities in Windows and Firefox

Headline: A sophisticated cyberattack leveraging two chained zero-day vulnerabilities in Mozilla Firefox and Microsoft Windows has been confirmed by...

Starbucks Forced to Pay Baristas Manually After Ransomware Attack

A ransomware attack on Blue Yonder, a third-party scheduling software provider, has disrupted Starbucks’ ability to manage employee...

Google Launches Free Cybersecurity Certificate for Entry-Level Jobs

Google has introduced a new Cybersecurity Professional Certificate, aimed at preparing students for entry-level roles in just six...

Critical Vulnerability Leaves Millions Of Sites Vulnerable To Takeover

A severe authentication bypass vulnerability has been discovered in the WordPress plugin "Really Simple Security" (formerly *Really Simple...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways