The vulnerability left Android users open to hackers eavesdropping on them, elevating privileges and executing commands
Security patches have been issued to fix a vulnerability affecting audio digital signal processors in IoT devices and smartphones.
The vulnerability, discovered by Check Point Research, found flaws in the MediaTek smartphone chip used in 37% of the world’s smartphones. Security flaws were found inside the chip’s audio processor. Those vulnerabilities could have given a hacker the ability to eavesdrop on Android users, elevate privileges and execute commands, according to Check Point Research.
Three flaws were found in the DSP firmware with one further vulnerability arising in the SOC’s hardware abstraction layer. CPR’s research team said attacks could have exploited it to execute and hide malicious code within the DSP system, potentially eavesdropping on the user.