
MediaTek vulnerabilities discovered in cars, phones and Chromebooks

MediaTek has disclosed at least thirteen vulnerabilities in its components. One of them is described as critical and affects 51 chipsets.

The most notable vulnerability is known as CVE-2024-20154 and has a CVSS 3.0 rating of 8.1. That’s officially ranked as “High,” but as we’ve pointed out before, such labels and scores do not indicate the real-world severity. MediaTek itself describes CVE-2024-20154 as critical, at any rate. A missing bounds check allows a malicious party to perform an out-of-bounds write within several MediaTek modems. No user interaction is required to exploit the vulnerability.

Broad impact

MediaTek’s modems are used in numerous products. Within the company’s mobile SoCs, they connect smartphones from the likes of Samsung, Xiaomi, Motorola and Oppo to the Internet. In addition, the vulnerabilities affect chipsets found in cars, Chromebooks and IoT devices. The underlying OS is usually Android, although there are other more obscure operating systems that utilize MediaTek’s tech.

Most of the other 12 vulnerabilities are also out-of-bounds write flaws, although all but one aren’t classified as critical. Other flaws may result in a system crash or denial-of-service. The exploitability of these vulnerabilities depends on several factors. For example, a MediaTek modem vulnerability could possibly lead to a compromise via a rogue transmission tower. This is because Android phones were recently found to be vulnerable in such a scenario, although Google has already patched against the discovered risks.

No sign of active misuse

The reassuring thing is that MediaTek has not yet found any exploitation of the reported vulnerabilities. A patch is now available. However, the question is whether all devices with these vulnerabilities will be patched. IoT devices, for example, are frequently a blind spot in an IT environment, even though they can act as part of an attack path for cybercriminals, who then move laterally through the network.
