After almost a year since its discovery, a critical vulnerability affecting millions of Android devices using MediaTek chips (now tracked as CVE-2020-0069) has been finally fixed by Google. The issue was first reported on the XDA forum, one of the largest forums for Android software modifications, back in April 2019.
The MediaTek Vulnerability
The Amazon Fire tablets are heavily guarded, and the tablet manufacturer does not provide an official method to unlock the bootloader of Fire tablets. The only way to root the Fire tablet without hardware modifications is to find a loophole in the software itself that bypasses Android’s security model. An active member of the forum did just that and hit the bull’s eye only to discover that the exploit had a greater outreach and not just limited to the Amazon Fire Tablet.
The exploit was successfully tested on all MediaTek 64-bit chipsets used in several devices including Motorola, OPPO, Sony, Alcatel, Amazon, ASUS, Blackview, Realme, Xiaomi, and more. On gaining root shell access and privileges, an attacker can install a malicious application on the device and have unrestricted access to all the files including private data directories.
This was a grave concern and thus reported to MediaTek immediately. However, XDA states that although MediaTek released a security patch to fix the issue in a month’s time, it was continued to be exploited in the wild by many hacking groups until recently.
Google’s Helping Hand
Failing to fix the issue and considering the high severity of it, in February 2020, MediaTek turned to Google for a helping hand. Google’s engineers obliged as it also affected its flagship Android mobile device brand – Pixel. On March 3, 2020, Google released an Android Security Bulletin for March 2020 in which it announced the fixture of over 70 various issues affecting its Android devices including CVE-2020-0069.
Earlier in 2019, Google’s security researchers discovered that an iPhone could be turned into a surveillance tool exposing a victim’s sensitive information including contacts, Live Location, chat history, emails, photos, and passwords. A total of fourteen vulnerabilities spread across five exploit chains: seven for the iPhone’s web browser, five for the kernel and two separate sandbox escapes were discovered and later fixed.