Home    >    A huge flaw put numerous staple phones at risk – here's which brands are affected and how to protect your data

A huge flaw put numerous staple phones at risk – here's which brands are affected and how to protect your data

You'll always hear experts advising against installing apps from unknown sources, as they may contain malicious code that could give hackers access to your phone. But what if your phone's SoC itself has a major vulnerability that could easily allow any malicious actor to steal your data? Sounds like a nightmare, right? Well, this nightmare has apparently come true, as a major security flaw has been identified in MediaTek chipsets that could let attackers access your smartphone in seconds.

Millions of MediaTek-powered phones are affected

Dojon, an internal security research team at popular cryptocurrency hardware wallet Ledger, recently discovered a major vulnerability in MediaTek SoC. Charles Guillemet, CTO at Ledger, posted about it on X, mentioning that the flaw could affect all MediaTek-powered Android smartphones that rely on Trusted Execution Environment (TEE).

Recommended For You

For reference, a TEE is an isolated area in the main chipset that contains your sensitive information, such as fingerprint data, payment credentials, and more. Despite the software isolation, it is very much part of the main processor.
That said, the CMF Phone 1, which runs on MediaTek Dimensity 7300, was used for demonstration purposes. The white hat hackers were reportedly able to gain access to the phone within 45 seconds. The scary part is that the vulnerability could be exploited even when the device is turned off, allowing the hackers to access various sensitive data, such as PIN details. Storage was decrypted, and seed phrases from popular crypto wallets were also extracted during the exploit.

Recommended For You

You may ask, why is the security flaw only exclusive to MediaTek devices? That's because, unlike MediaTek-powered phones that rely on TEE, Pixel smartphones, Apple devices, and many Snapdragon-featured phones have a dedicated security chip that is harder to break through. This chip ensures that sensitive details are isolated from the main chip.
Would a security flaw like this make you think twice before buying a MediaTek-powered phone in the future?
117 Votes

Here's what you need to do

Donjon reportedly informed MediaTek about this vulnerability before disclosing it to the public. The chipmaker has also confirmed to the security firm that it has rolled out the fix to the manufacturers of all affected devices. That means the only thing you need to do is download any software update that lands on your MediaTek-powered Android phone, as it will most likely address the vulnerability.
Counterpoint's recent study suggests that MediaTek processors are used in almost 34% of all global smartphones. So, the impact of this flaw could be very significant. However, it's unclear whether it has ever been exploited by malicious actors to steal data. 
That said, in the March 2026 product security bulletin, MediaTek has listed all the chips that are affected by the security flaw. The listed processors clearly suggest that the issue isn't exclusive to any particular smartphone brand. Instead, it's spread across all popular names, including Oppo, Vivo, OnePlus, Samsung, and Nothing.

Themobiletechus

Disclaimer: This story is auto-aggregated by a computer program and has not been created or edited by Themobiletechus.