Mediatek Releases Patch To Fix Eavesdropping Bugs

November 25, 2021

Mediatek, a semiconductor manufacturer, has released a patch to address several vulnerabilities that allow attackers to intercept Android phone calls, execute commands, or elevate their privileges to a higher level.

The vulnerabilities include CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, which were all fixed in October, and CVE-2021-0673, which will be fixed in the upcoming update.

Since 43% of smartphones use Mediatek chips, the bug ensures that these devices are vulnerable to eavesdropping or malware infections while the update is not installed.

With these vulnerabilities in the hands of an attacker, several malicious activities could be carried out, including local privilege escalation attacks, sending messages to the DSP firmware, and most recently executing hidden code on the DSP chip.

Those using a MediaTek device that works on an older patch level should install mobile protection software from a verified vendor and refrain from risky practices such as installing APKs outside the Play Store.

For more information, read the original story in BleepingComputer.

Mediatek Releases Patch To Fix Eavesdropping Bugs

Top Stories

eBay cutting 800 jobs amid strategic realignment

U.S. Pentagon presses Anthropic to lift AI use restrictions

Canada ‘disappointed’ as OpenAI fails to offer new safety protocols after B.C. school shooting

Meta facial recognition glasses spark backlash as detection app launches

A quick primer on graph databases

Android malware taps Google’s Gemini AI, but Google says users are safe

Related Articles

Android malware taps Google’s Gemini AI, but Google says users are safe

Over 10 million U.S. users affected in Conduent data breach

FBI flags surge in ATM jackpotting

Fake Olympics Shop ads on Meta target shoppers with cloned sites

TND News Desk

TND News Desk

Jim Love

Follow Us

Popular categories

Tech News Delivered