Bugs in MediaTek chips allowed malicious applications to record audio and spy on Android device owners. In relation to this, the Taiwanese manufacturer of a wide range of microcircuits for smartphones and IoT devices has released updates to eliminate serious vulnerabilities.
Check Point experts who discovered these issues report that three vulnerabilities were fixed as early as October 2021 (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663), and the fourth (CVE-2021-0673) will be fixed in December. The problem is complicated by the fact that MediaTek chips are installed on about 37% of all smartphones in the world.
The DSP receives requests for audio processing from applications in user space (via the driver and the IPC system). In theory, an unprivileged application could use the detected bugs to manipulate request handlers and run code on the audio chip. The audio driver does not communicate directly with the DSP, but does so through IPI messages sent to the System control processor (SCP).
According to a technical report from experts, by reversing the Android API responsible for audio communication, they have pinned down that malicious applications installed on the device can interact with the MediaTek audio driver. These applications gain the ability to send malicious messages to the MediaTek firmware to take control of the driver, and then can abuse the gained access to intercept any audio streams passing through the device.
The vulnerability prevents attackers from connecting to the device’s microphones, but as soon as audio data passes through the MediaTek driver, it can be recorded, for example, phone calls, WhatsApp calls, content from the browser and video players.
Experts write that MediaTek chips are definitely used in Xiaomi, Oppo, Realme and Vivo devices, and firmware updates are usually provided to users by the manufacturers themselves, along with monthly security updates for Android. Therefore, users are encouraged to apply the October Android security updates and the upcoming December 2021 patches to protect against the vulnerabilities found.
Researchers and representatives of MediaTek emphasize that, according to their data, the vulnerabilities have not yet been exploited by cybercriminals.
Let me remind you that we also wrote that Serious new vulnerabilities threaten Intel processors.
User Review( votes)