Home → News → Researchers Find Security Flaw Affecting 37% of Smartphones → Full Text

Researchers Find Security Flaw Affecting 37% of Smartphones

By PC Magazine

November 30, 2021

[article image]

Researchers at Check Point Research have identified security flaws in the audio digital signal processor (DSP) used in MediaTek's system-on-chip products, affecting about 37% of all smartphones and Internet of Things devices.

Three vulnerabilities were detected in the DSP firmware and one in the audio hardware abstraction layer.

Said the researchers, "A malformed inter-processor message could potentially be used by an attacker to execute and hide malicious code inside the DSP firmware. Since the DSP firmware has access to the audio data flow, an attack on the DSP could potentially be used to eavesdrop on the user."

The flaws could be chained with vulnerabilities in original equipment manufacturer libraries, enabling local privilege escalation from an Android app, which the researchers said "may be able to send messages to the audio DSP firmware."

MediaTek released patches for these flaws in October.

From PC Magazine
View Full Article


Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA


No entries found