With so many devices running the Android operating system and given the varying and complex codebases of most devices, security vulnerabilities have now become common in smartphones. And thus, Google has been releasing monthly security patches for years.
In the latest development, XDA Developers reported about a vulnerability that was first discovered in February 2019 by a developer as he was tinkering to root Amazon Fire tablet. A user named ‘diplomatic’ on XDA Forums has released a script that used the vulnerability to temporarily gain root access on Fire tablets.
Later, it was discovered that the vulnerability nicknamed ‘MediaTek-su,’ was also present on many other phones and tablets that are powered by MediaTek processors. It could allow a malicious app to do anything — install any apps, change permissions for existing apps, and accessing private data, among others.
To check the list of devices affected by this, check out the XDA-Developers report which is linked below as Source. However, its noteworthy that since MediaTek-su is about a year old, some companies have already caught on and patched their devices.
EDITOR’S PICK: OPPO Reno3 Pro with 44MP dual punch-hole display, 64MP quad cameras, Helio P95 and 30W VOOC 4.0 launched for Rs. 29,999 (~$416)
Still, there are several devices which are vulnerable to this and given that MediaTek chipsets are mostly used in mid-range or low-end devices, some companies may not have resources to offer an update to fix this.
Earlier, TrendMicro had published a report which claimed that several Play Store applications used one of two exploits — MediaTek-su or CVE-2019-2215 to gain root access after detecting that the user’s device was vulnerable. However, those applications have not been removed by Google from the Play Store.
To check if your device powered by MediaTek chipset is vulnerable, run the original root script from XDA and if you enter a root shell, the exploit is working. If so, then you should install the latest software update as soon as you receive it.
UP NEXT: Redmi Note 9 Pro concept render appears with punch-hole display and square-shaped quad cameras
(Source)
