A newly discovered security flaw in certain MediaTek-powered Android smartphones is raising concerns among cybersecurity researchers. The vulnerability could allow attackers to access sensitive information from affected devices in less than a minute, even when the phone appears to be switched off.
The discovery was made by security experts from Ledger Donjon, the research division of cryptocurrency company Ledger, who say the issue could potentially impact millions of smartphones that use MediaTek processors.
Researchers Identify Weakness In Trusted Security System
The vulnerability reportedly targets the Trusted Execution Environment (TEE) used in MediaTek chipsets. This secure environment, developed with Trustonic, is designed to protect sensitive information such as PIN codes, encryption keys, and secure application data.
However, researchers claim they were able to bypass this protection on devices powered by MediaTek Dimensity and Helio processors.
According to Ledger CTO Charles Guillemet, the flaw allows attackers with physical access to a phone to extract protected data extremely quickly by connecting the device to a computer.
Test Conducted On CMF Phone 1
To demonstrate the issue, researchers tested the vulnerability on the CMF Phone 1, a smartphone powered by the MediaTek Dimensity 7300 chipset.
In their experiment, the team reportedly managed to break through the phone’s security in about 45 seconds after connecting it to a computer. Once access was gained, they were able to retrieve sensitive information stored on the device.
Although the test focused on the CMF Phone 1, the researchers warn that any smartphone using an affected MediaTek chip could potentially be vulnerable.
PIN Codes And Crypto Wallet Data At Risk
One of the most alarming aspects of the vulnerability is the type of data that attackers may be able to access.
Researchers say the exploit allowed them to retrieve a device’s security PIN, gain access to decrypted storage, and even extract seed phrases from cryptocurrency wallet applications.
Seed phrases — typically a set of 12 to 24 words — are used to verify and recover cryptocurrency accounts. If these phrases are exposed, attackers could potentially gain full control over a user’s crypto wallet.
This raises serious concerns for users who store digital assets on their smartphones.
Phones Could Be Accessed Even When Turned Off
Perhaps the most surprising detail from the research is that attackers reportedly did not need to power on the phone to access the sensitive information.
The vulnerability allows attackers to retrieve protected data while the device is connected to external hardware, meaning the phone does not need to be unlocked or fully booted.
Security experts warn that this could make it easier for malicious actors to extract data from stolen devices or from devices they can access only briefly.
MediaTek Says Patch Was Already Issued
While the vulnerability has sparked concern, MediaTek says it has already taken steps to address the issue.
The company reportedly released a security patch to device manufacturers in January, giving smartphone makers the ability to fix the vulnerability through software updates.
However, it remains unclear how many smartphone brands have already applied the fix to their devices, or whether all affected phones have received the update.
Final Words
The discovery highlights the growing importance of smartphone security as more users rely on their devices to store sensitive personal and financial information. While MediaTek has reportedly issued a fix, the real-world impact will depend on how quickly smartphone manufacturers roll out updates to affected devices.
Until then, experts advise users to keep their phones updated with the latest software and remain cautious about where they connect their devices, especially when handling sensitive data like cryptocurrency wallets.
