Tracked as CVE-2020-0069, and dubbed as MediaTek-su is a flaw that has been in the open field for over a year, and has now been patched successfully by Google. In February 2019, a developer was searching for ways to root Amazon’s Fire Tablets and has accidentally discovered the vulnerability. It originally affects MediaTek Command Queue driver. The developer’s discovery led to a script that was used to temporarily gain root access on Amazon’s Fire devices.
A few versions of the Android devices fitted with MediaTek chips succumb to the security vulnerability that was initially designed to root Amazon devices. Discovering and patching security flaws before cybercriminals discover and exploit them for malicious gains is of crucial importance considering the complex ecosystem of Android OS. The implementation of corporate mobile device management could be a turning point for organizations that adopt a Bring Your Own Device (BYOD) policy. It can help detect and stop devices that aren’t running the latest security updates. Access to corporate apps or sensitive data is now easily blocked.
Access to further app installation, data theft, and end-user surveillance – all without the device owner being aware – are some of the exploits done by attackers. Installing a mobile endpoint security solution can help identify device compromises and monitor for app behavior.