December 3, 2021

News Collective

Complete New Zealand News World

Security flaw in MediaTek processors exposes audio on Android phones to cyber attacks |  Check the NNDC point |  Technique

Security flaw in MediaTek processors exposes audio on Android phones to cyber attacks | Check the NNDC point | Technique

A security issue affecting models of processor manufacturer MediaTek, the number one brand by market share of mobile phones, has exposed users of “smartphones” That you use to spy on audio broadcasts by cyber criminals.

The cyber security company has been alerted Check point, which indicated that the problem lies in two components of MediaTek’s chips: the artificial intelligence processing unit (APU) and the digital audio signal processor (DSP).

Both the audio APU and the DSP contain custom processor architectures, making MediaTek’s DSP a unique target, Check Point explains in a statement sent to Europa Press.

Through reverse engineering mechanisms, the investigation revealed that a malicious application could compromise audio streams of devices using vulnerable MediaTek processors through a series of vulnerabilities. This brand covers 37 percent of mobile phones today and is the first in this segment.

To do this, the user must be tricked into downloading and running the malicious application. Then, this application uses the MediaTek Application Programming Interface (API) to attack a library that has permission to access the audio driver.

In this way, the application, with system privileges, sends false messages to the audio console to execute the code in the “firmware” of the audio processor and fit the audio data of the mobile phone.

If not resolved, an attacker could exploit the vulnerabilities to listen in on Android users’ conversations. Explained by Slava McAfee, a security researcher from Check Point Program.

Vulnerabilities discovered in the DSP firmware (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663) have already been fixed and published in the MediaTek Security Bulletin October 2021. The issue is in MediaTek Audio HAL (CVE)-2021-0673 ) in October and will be published in the MediaTek newsletter in December 2021.

See also  Genshin Impact: Secret Codes from November 14th to exchange for free singles | video game

In addition, the researchers also reported their findings xiaomi, one of the brands that have used MediaTek processors recently, along with Oppo, Realme and Vivo, among other things.

as standard

Trust Project

know more

Recommended video

Rami: a geospatial technology tool to curb illegal mining in the Amazon rainforest

Rami: a geospatial technology tool to curb illegal mining in the Amazon rainforest
From space, it penetrates the dense layer of clouds that dominate the rainforest, tracking illegal mining, and alerting year-round deforestation in the Peruvian Amazon, a country where the “gold rush” has destroyed more than 96,000 hectares of primary forest in the past 30 years . (Source: EFE)