You'll always hear experts advising against installing apps from unknown sources, as they may contain malicious code that could give hackers access to your phone. But what if your phone's SoC itself has a major vulnerability that could easily allow any malicious actor to steal your data? Sounds like a nightmare, right? Well, this nightmare has apparently come true, as a major security flaw has been identified in MediaTek chipsets that could let attackers access your smartphone in seconds.
Millions of MediaTek-powered phones are affected
Dojon, an internal security research team at popular cryptocurrency hardware wallet Ledger, recently discovered a major vulnerability in MediaTek SoC. Charles Guillemet, CTO at Ledger, posted about it on X, mentioning that the flaw could affect all MediaTek-powered Android smartphones that rely on Trusted Execution Environment (TEE).
For reference, a TEE is an isolated area in the main chipset that contains your sensitive information, such as fingerprint data, payment credentials, and more. Despite the software isolation, it is very much part of the main processor.
Recommended For You
That said, the CMF Phone 1, which runs on MediaTek Dimensity 7300, was used for demonstration purposes. The white hat hackers were reportedly able to gain access to the phone within 45 seconds. The scary part is that the vulnerability could be exploited even when the device is turned off, allowing the hackers to access various sensitive data, such as PIN details. Storage was decrypted, and seed phrases from popular crypto wallets were also extracted during the exploit.
You may ask, why is the security flaw only exclusive to MediaTek devices? That's because, unlike MediaTek-powered phones that rely on TEE, Pixel smartphones, Apple devices, and many Snapdragon-featured phones have a dedicated security chip that is harder to break through. This chip ensures that sensitive details are isolated from the main chip.
Would a security flaw like this make you think twice before buying a MediaTek-powered phone in the future?
Here's what you need to do
March 2026 MediaTek product security bulletin. | Image by MediaTek
Donjon reportedly informed MediaTek about this vulnerability before disclosing it to the public. The chipmaker has also confirmed to the security firm that it has rolled out the fix to the manufacturers of all affected devices. That means the only thing you need to do is download any software update that lands on your MediaTek-powered Android phone, as it will most likely address the vulnerability.
Counterpoint's recent study suggests that MediaTek processors are used in almost 34% of all global smartphones. So, the impact of this flaw could be very significant. However, it's unclear whether it has ever been exploited by malicious actors to steal data.
That said, in the March 2026 product security bulletin, MediaTek has listed all the chips that are affected by the security flaw. The listed processors clearly suggest that the issue isn't exclusive to any particular smartphone brand. Instead, it's spread across all popular names, including Oppo, Vivo, OnePlus, Samsung, and Nothing.
Grab Mint's 3-month 5GB plan for $10/mo!
$10
/mo
$15
$5 off (33%)
Right now, you can take advantage of Mint Mobile's 5GB 3-month data plan at a solid discount. This 'last chance' promo lets you save $5/mo on the plan, making it simply too good to resist for those looking for a reliable and affordable service.
Aman Kumar is a tech news writer with a long-standing passion for smartphones. Aman specializes in everything smartphones, from AI features like Pixel’s Camera Coach to understanding ideal hardware combinations. He loves breaking down complex features in a simple, clear way and hopes manufacturers bring back bold designs like the Nokia N-Gage. When he’s not writing, he’s either gaming on PUBG or talking fitness as a dedicated gym enthusiast.
A discussion is a place, where people can voice their opinion, no matter if it
is positive, neutral or negative. However, when posting, one must stay true to the topic, and not just share some
random thoughts, which are not directly related to the matter.
Things that are NOT allowed:
Off-topic talk - you must stick to the subject of discussion
Offensive, hate speech - if you want to say something, say it politely
Spam/Advertisements - these posts are deleted
Multiple accounts - one person can have only one account
Impersonations and offensive nicknames - these accounts get banned
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts:
New accounts created within the last 24 hours may experience restrictions on how frequently they can
post or comment.
These limits are in place as a precaution and will automatically lift.
Moderation is done by humans. We try to be as objective as possible and moderate with zero bias. If you think a
post should be moderated - please, report it.
Have a question about the rules or why you have been moderated/limited/banned? Please,
contact us.
Things that are NOT allowed:
To help keep our community safe and free from spam, we apply temporary limits to newly created accounts: