At present, more than 30% of Android devices on the market use the solutions provided by MediaTek, but these devices currently have serious vulnerabilities.
The security company found four high-risk vulnerabilities (CVE-2021-0661, CVE-2021-0662, CVE-2021-0663, CVE-2021-0673) in MediaTek chips, some of which have been fixed. However, the premise is that the device manufacturer needs to push firmware updates to users.
If the device cannot get an update to fix the vulnerability, it may be exploited by an attacker. According to the security company’s description, the attacker can use the vulnerability to carry out a “massive eavesdrop campaign” without the users’ knowledge.