How ToInternetInternet TipsInternet WorldMobile PhonesPC WorldTech NewsTech TipsTechnology

A Flaw In MediaTek Audio Chips Could Have Exposed Android User’s Conversations

A Flaw In Mediatek Audio Chips Could Have Exposed Android Users’ Conversations. A security flaw in processor maker MediaTek designs, the brand name in cell devices by customer base, has revealed users of cellphones to cyber-criminals spying on the sound source.

Verification Point, a cybersecurity firm, was notified of the issue, which was found in 2-components of the MediaTek Audio Chips: 

  • The artificial intelligence processing unit (APU)
  • Digital audio signal processor (DSP)

As Security Check said in a report issued to Europa Media, both the APU and the sound DSP have proprietary microchip designs, giving MediaTek’s DSP a one-of-a-kind subject.

Flaw In MediaTek Audio Chips

Through decrypting processes, researchers discovered that a malicious program could use a sequence of security flaws to hijack the Audio Chips file of gadgets with susceptible MediaTek processing units. This product, which currently covers 37 percent of cell devices, is the first in the industry.

The customer must be duped into downloading and running the malicious program in order for this to happen. After that, this app attacks a module that has accessibility to the Audio Chips drivers using the MediaTek application programming interface (API).

In this approach, the program uses its access permission to make fake notifications to the sound drivers, which causes the Audio Chips ‘software’ to run code and usurp the audio information from the smartphone.

Read Also:-

“If the security flaws aren’t fixed, an assailant could be using them to listen in on Android users’ discussions,” said Slava Makkaveev, a security analyst at Security Check Apps.

The flaws detected in the ‘device’ DSP have been fixed and documented in the October 2021 MediaTek Safety Points. The issue with MediaTek’s HAL de Audio Chips was resolved in Oct, as well as the solution will be disclosed in the Dec 2021 MediaTek magazine.

Furthermore, the analysts informed Xiaomi, which, together with Oppo, Realme, and Vivo, is one of the companies that has since employed MediaTek CPUs.

In principle, a threat actor’s order of operations for exploiting security vulnerabilities would be:

  • A user downloads and runs a malicious program from the Google Play Store.
  • The app attacks a library with authorization to communicate with the audio driver via the MediaTek API.
  • The application with system permission transmits crafted messages to the audio adapter, which causes the audio chip’s hardware to execute code.
  • The audio flow is stolen by the program.
A Flaw In MediaTek Audio Chips Could Have Exposed Android User's Conversations - 1

CPR informed MediaTek of its findings, which resulted in the creation of CVE-2021-0661, CVE-2021-0662, and CVE-2021-0663. These 3 flaws were later patched and revealed in the MediaTek Security points for October 2021. The security vulnerability in the MediaTek sound HAL (CVE-2021-0673) was resolved in Oct, as well as the Dec 2021 MediaTek Security Advisory will detail the fix.

Xiaomi was also told of CPR’s results.

Slava Makkaveev, a security consultant at Security Check Systems, states, “MediaTek is acknowledged to become the most common chipset for smartphones.”

“We started to suspect that because of its widespread use around the world, it could be used as a vulnerability by cyber criminals. We began investigating the technology that led to the creation of a series of flaws that could be exploited to access and target the chip’s audio chip via an Android app “Makkaveev explains.

“If the flaws were left unfixed, an attacker could have used them to listen in on Android users’ chats.”

Moreover, Makkaveev claims that the security breaches could have been exploited by device manufacturers to launch a massive eavesdropping operation.

A Flaw In MediaTek Audio Chips Could Have Exposed Android User's Conversations - 2

“Despite the lack of precise evidence of such exploitation, we acted promptly to inform MediaTek and Xiaomi of our results.”

Smartphone safety is a vital element and primary concern of all MediaTek systems, according to Tiger Hsu, product security manager at MediaTek.

“We made every effort to evaluate the problem and make relevant countermeasures accessible to all OEMs,” Hsu says of the Audio DSP issue discovered by Check Point.

“We have no proof that it is being exploited right now.” End users are encouraged to keep their smartphones up to date as new updates become accessible and to only download software from reputable sources like the Play Store.

Conclusion

Demonstrated a brand-new attack vector that may have exploited the Android API.” To be safe, we advise Android users to update their phones to the most recent security update. Flaw In MediaTek Audio Chips worked closely with us to ensure that these security vulnerabilities were resolved quickly, and we appreciate their collaboration and commitment to a safer world.”

A Flaw In MediaTek Audio Chips Could Have Exposed Android User's Conversations - 3

Are MediaTek Audio Chips Up To Snuff?

In terms of performance, The CPUs from MediaTek are reliable. Their multi-core CPUs allow for demanding and heavy job execution, and they excel at multitasking. Snapdragon has even superior multitasking, heavyweight and strenuous job management, and gaming efficiency.

Who Makes MediaTek Audio Chips?

The Hsinchu, Taiwan-based business announced that their new Dimensity 9000 microchip would be the first in worldwide to adopt Taiwan Semiconductor maker Co’s “N4” chip-manufacturing procedure, which helps to make processors smaller & quicker.

Is MediaTek A Better Option Than Qualcomm Snapdragon?

Advantages and Disadvantages of Qualcomm Snapdragon versus MediaTek

The latest mid-range chips from MediaTek are excellent for gaming as well as other workloads. Cellphones with MediaTek mobile chips are typically cheaper than those with Snapdragon chips. Qualcomm Snapdragon CPUs have a modest advantage in terms of battery life.

What Makes MediaTek So Bad?

MediaTek smartphones are also known for releasing software updates late or not at all. However, a large number of low-cost manufacturers have always relied on their processors, and many do not have the capacity to update their smartphones in the first position. If a MediaTek-powered smartphone isn’t upgraded, it’s not always the chipmaker’s responsibility.

Is MediaTek A Long-Term Investment?

Softness and efficiency. Although MediaTek hasn’t always been identified with effective mobile chips, the company is capable of producing some fairly outstanding value-for-money products. The chipset’s flaws are revealed the remainder of the time, with sporadic stutters & delays.

Is There A Problem With MediaTek Heating?

The MediaTek Dimensity 9000 premium microprocessor which will be constructed on a 4nm technology, was announced recently by Taiwanese chipmaker MediaTek. “There’s just one industry with temperature concerns right now,” the MediaTek CEO joked, referring to Qualcomm. It’s not us, either.”

Is The MediaTek Dimensity 810 A Better Gaming Laptop?

The MediaTek Dimensity 810 chipset characterizes widespread 5G smartphone experiences with wealthy technology that provides premium screens, improved power effectiveness for credible gameplay, and incredible photos and video broadcasting, even at night.

Which Processor Is Comparable To The Qualcomm Snapdragon 720G?

Qualcomm Snapdragon 720G against MediaTek Helio G90T

What Makes MediaTek Dimensity 700 Superior To The Qualcomm Snapdragon 720G?

  • CPU speed increased by 6.49 percent. 
  • The ram speed has been increased by 267MHz.
  • The semiconductor size is 1nm smaller.
  • Downloads are 1.5 times faster.
  • Has 5G capability.
  • The maximum memory capacity has been increased by 4GB.
  • Uploads are 40% faster.
  • GPU turbo speed increased by 200MHz

Related Articles

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
Back to top button
0
Would love your thoughts, please comment.x
()
x
Mail Icon