Millions of devices with a chipset from the Taiwanese manufacturer MediaTek have been vulnerable for months, to malicious external attacks that could access the root. This is proven by a publication from XDA-Developers.

Google‘s monthly Security Bulletin on Android mentioned the vulnerability CVE-2020-0069 and according to XDA-Developers, this is the first time that Google has reported it. However, the existence of the vulnerability in the chipsets has been known for much longer: on the forum of XDA-Developers it was already mentioned (including details) in April 2019. A month after that discovery, MediaTek came up with a patch, but it hasn’t been implemented on all devices by a long shot. That’s why Google is now enabled to offer an update to the remaining users as well.

The vulnerability was found after users of the forum attempted to hack the Amazon Fire tablets in order to remove bloatware. Because of the security measures on such devices, this is actually only possible by finding a loophole in the software. With MediaTek-su, as the hack is called, only much more than the Amazon Fire tablet was able to access the root.

The vulnerability was found on almost all 64-bit chipsets from MediaTek, but a number of smartphones avoided the vulnerability. Huawei (from Android 8 onwards) and Samsung, among others, modified the kernel in such a way that root access by means of vulnerabilities such as MediaTek-su were prevented.