Check Point Software discovers four vulnerabilities in MediaTek chips

Get a free Techzine subscription!

Check Point Software Technologies has found four vulnerabilities in smartphone chips from MediaTek that could allow hackers to install malware on devices that use them.

Check Point Software’s cybersecurity team detailed the flaws earlier this week. While MediaTek released patches in October. Taiwan-based MediaTek supplies chips to Android and IoT devices manufacturers. The company is incredibly influential, with its chips powering about 37% of all smartphone and IoT devices, according to market research cited by Check Point Software.

The vulnerabiltiies

The four vulnerabilities found by Check Point Software affect some of MediaTek’s systems-on-chip, which bring together a central processing unit with additional computing modules. The additional modules have an artificial intelligence accelerator and a digital signal processor that processes audio.

The vulnerabilities Check Point Software found affect the digital signal processor. Three of them are in the processor’s firmware (the software that controls how a chip operates.)

The fourth security issue was found in the hardware abstraction layer, a technology used by a device’s operating system (Android in this case) to control the chip on which it runs. The flaws can be used by a malicious Android app to infect MediaTek’s system-on-chip processor and listen in on users.

How the malware happens

Hackers can install the malware by making the processor generate a software flaw known as a heap overflow. In a heap overflow, the parts of a processor’s memory that have application data are overwritten by malicious code.

The cause of the problem, according to Check Point Software, is a set of faulty configuration settings that were originally implemented for debugging and can be abused by malicious actors with the skills to exploit the flaw.

The vulnerabilities were added to the CVE system as CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, and CVE-2021-0673.