Millions of Android devices have security holes, Google has spent months fixing

Mobile developer forum XDA revealed today that Google has fixed a serious security breach about Android devices involving millions of Android devices using MediaTek chipsets. It is understood that the vulnerability has been public for several months and is a backdoor that exists in CPU firmware.

Millions of Android devices have security holes, Google has spent months fixing

Millions of Android devices have security holes, Google has spent months fixing

Millions of Android devices have security holes, Google has spent months fixing

Millions of Android devices have security holes, Google has spent months fixing

The Vulnerability allows malicious programs to gain access to Android devices using MediaTek’s 64-bit chip through simple scripts, affecting hundreds of smartphones, tablets and smart set-top boxes, the XDA said.

Google mentioned the patch in its Android security bulletin in March (CVE-2020-0069), after details about the vulnerability had been circulating online for months. It’s worth noting that hackers can still exploit the vulnerability on dozens of Android devices.

Hackers who exploit this vulnerability can cause damage in a number of ways, installing applications and then granting them any permissions they need to break into the device. Hackers can also use root permissions in the vulnerability to launch ransomware, which may render the entire device unusable.

Since May 2019, MediaTek has provided a patch to fix the vulnerability, but the company cannot force oEMs to fix the device. XDA explains that Google can fix the device through a license agreement and terms. According to XDA, Google was aware of the vulnerability months before the patch was released.

List of affected devices:

Acer Iconia One 10 B3-A30

Acer Iconia One 10 B3-A40

Alba tablet series

Alcatel 1 5033 series

Alcatel 1C

Alcatel 3L (2018) 5034 series

Alcatel 3T 8

Alcatel A5 LED 5085 series

Alcatel A30 5049 series

Alcatel Idol 5

Alcatel/TCL A1 A501DL

Alcatel/TCL LX A502DL

Alcatel Tetra 5041C

Amazon Fire 7 2019 – up to Fire OS 6.3.1.2 build 000251705024 only4

Amazon Fire HD 8 2016 – up to Fire OS 5.3.6.4 build 626533320 only

Amazon Fire HD 8 2017 – up to Fire OS 5.6.4.0 build 636558520 only

Amazon Fire HD 8 2018 – up to Fire OS 6.3.0.1 only

Amazon Fire HD 10 2017 – up to Fire OS 5.6.4.0 build 636558520 only

Amazon Fire HD 10 2019 – up to Fire OS 7.3.1.0 only

Amazon Fire TV 2 – up to Fire OS 5.2.6.9 only

ASUS ZenFone Max Plus X018D

ASUS ZenPad 3s 10 Z500M

ASUS ZenPad Z3xxM (F) MT8163-based series

Barnes and Noble NOOK Tablet 7″ BNTV450 and BNTV460

Barnes and Noble NOOK Tablet 10.1″ BNTV650

Blackview A8 Max

Blackview BV9600 Pro (Helio P60)

BLU Life Max

BLU Life One X

BLU R1 series

BLU R2 LTE

BLU S1

BLU Tank Xtreme Pro

BLU Vivo 8L

BLU Vivo XI

BLU Vivo XL4

Bluboo S8

BQ Aquaris M8

CAT S41

Coolpad Cool Play 8 Lite

Dragon Touch K10

Echo Feeling

Gionee M7

HiSense Infinity H12 Lite

Huawei GR3 TAG-L21

Huawei Y5II

Huawei Y6II MT6735 series

Lava Iris 88S

Lenovo C2 series

Lenovo Tab E8

Lenovo Tab2 A10-70F

LG K8 Plus (2018) X210ULMA (MTK)

LG K10 (2017)

LG Tribute Dynasty

LG X power 2/M320 series (MTK)

LG Xpression Plus 2/K40 LMX420 series

Lumigon T3

Meizu M5c

Meizu M6

Meizu Pro 7 Plus

Nokia 1

Nokia 1 Plus

Nokia 3

Nokia 3.1

Nokia 3.1 Plus

Nokia 5.1

Nokia 5.1 Plus/X5

Onn 7″ Android tablet

Onn 8″ and 10″ tablet series (MT8163)

OPPO A5s

OPPO F5 series/A73 – Android 8.x only

OPPO F7 series – Android 8.x only

OPPO F9 series – Android 8.x only

Oukitel K12

Protruly D7

Realme 1

Sony Xperia C4

Sony Xperia C5 Series

Sony Xperia L1

Sony Xperia L3

Sony Xperia XA Series

Sony Xperia XA1 series

Southern Telecom Smartab ST1009X (MT8167)

TECNO Spark 3 series

Umidigi F1 series

Umidigi Power

Wiko Ride

Wiko Sunny

Wiko View3

Xiaomi Redmi 6/6A series

ZTE Blade A530

ZTE Blade D6/V6

ZTE Quest 5 Z3351S