The March 2020 Android Security Update brings a patch that is expected to fix a critical security vulnerability in many MediaTek-powered devices. Called MediaTek-SU (CVE-2020-0069), the vulnerability reportedly affects the Command Queue driver on devices with a large number of MediaTek processors, and was being distributed on XDA as a way for advanced users to gain root access on Fire Tablets to install apps and games from the Google Play Store.
As it turns out, details of the rootkit have been available on XDA since April of last year, although, it is only now that Google has detailed it publicly. Despite MediaTek rolling out a patch within weeks of its discovery, the vulnerability is still being actively exploited by hackers. Now MediaTek and Google are working together to patch the vulnerability for good and secure millions of devices affected by this critical security exploit.
According to coder and XDA Member, ‘diplomatic’, the exploit works on “virtually all of MediaTek’s 64-bit chips”, including MT6735, MT6737, MT6738, MT6739, MT6750, MT6753, MT6755, MT6757, MT6758, MT6761, MT6762, MT6763, MT6765, MT6771, MT6779, MT6795, MT6797, MT6799, MT8163, MT8167, MT8173, MT8176, MT8183, MT6580, and MT6595. The exploit has since been confirmed to affect around 100 different models from dozens of vendors, including Nokia, Sony, Huawei, Lava, Oppo and more.
If you own a smartphone or tablet powered by any of the aforementioned MediaTek chipsets, you can check whether your device is vulnerable to MediaTek-su by running the script posted by XDA Member diplomatic in this XDA forum thread. If your device enters a root shell (the symbol will change from $ to #), it means the exploit works, so you’ll have to hope that your device manufacturer will roll out the March 2020 Android security patch for your device sooner rather than later.