MediaTek rings in the new year with a parade of chipset vulns MediaTek kicked off the first full working week of the new year by disclosing a bevy of security vulnerabilities, including a critical remote code execution bug affecting 51 chipsets. The fabless semiconductor biz gave the RCE a "critical" severity assessment but didn't provide a specific rating after running it through the …
Well then, it must be the really cheapo cars that will be RCE controlled then (emphasis mine):
The list of affected chipsets is long and includes ones for use in cars, smartphones, IoT devices, and Chromebooks.
I don't want my car connected to anything remote. Luckily, I don't own a car, so I guess that works out well then. But, if I would, I'd buy an old one without any of the connectivity "features" that can be hacked and are tracking you all the time.
So it isn't quite as bad as it could be. That's beyond the capabilities of casual criminals. Not to the nation state level of course, but I would think that if you control a telco base station you probably have better ways to monetize that foothold than hacking into some low end Androids. Not the least of which that you can snoop ALL the traffic across that base station regardless of what kind of modem the devices have.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
