image credit: Pxhere

Android security: Google patches dangerous MediaTek flaw for tons of phones

March 3, 2020

Via: ZDnet

Google has disclosed a severe vulnerability affecting dozens of models of mid-range Android devices running on chips from MediaTek. Malicious Android apps have been exploiting the flaw since at least January 2020.

The elevation-of-privilege flaw, tracked as CVE-2020-0069, is disclosed in Google’s March 2020 Android bulletin and affects the MediaTek Command Queue driver.

The dangerous part about this bug is that an exploit has been floating around for almost a year called ‘MediaTek-su’, which enables temporary root access on a large number of MediaTek chips.

Read More on ZDnet