cancel
Showing results for 
Search instead for 
Did you mean: 

Mediatek vulnerability

mechanic123
Rising Star
Posts: 116
Thanks: 37
Registered: ‎19-08-2018

Mediatek vulnerability

Partner here claims the Hub one router we have has a Mediatek chip - true or not? They re seriously bad news and many OEMs are poor at updating the firmware to address security issues. Not true with our Plusnet kit surely?

https://www.xda-developers.com/mediatek-su-rootkit-exploit/

5 REPLIES 5
DaveyH
Champion
Posts: 1,946
Thanks: 466
Fixes: 12
Registered: ‎15-11-2012

Re: Mediatek vulnerability

Not true.

 

 

The Hub One is a rebadged BT Home Hub 5 revA which uses a Lantiq chipset

VileReynard
Hero
Posts: 12,581
Thanks: 628
Fixes: 20
Registered: ‎01-09-2007

Re: Mediatek vulnerability

That link relates to mobile phones.

I'd assume that Mediatek makes many thousands of different chips - which one are you concerned about?

Anyway, it relies on a local user (that's you) running a script to hack into the phone/device and installing a rootkit.



 

"In The Beginning Was The Word, And The Word Was Aardvark."

mechanic123
Rising Star
Posts: 116
Thanks: 37
Registered: ‎19-08-2018

Re: Mediatek vulnerability


@DaveyH wrote:

Not true.

 

 

The Hub One is a rebadged BT Home Hub 5 revA which uses a Lantiq chipset


OK, tracing back the info my partner had found, indeed the recent issues are with phone systems, not routers. Taking the router to bits shows Lantiq Systems-on-Chip not MediaTek.

https://openwrt.org/toh/bt/homehub_v5a

Router software/firmware seems a year or so old though - no security updates for a while!

mechanic123
Rising Star
Posts: 116
Thanks: 37
Registered: ‎19-08-2018

Re: Mediatek vulnerability


@VileReynard wrote:

Anyway, it relies on a local user (that's you) running a script to hack into the phone/device and installing a rootkit.



 


Any system that allows updating remotely - like Plusnet - can be 'updated' by a malicious person, no?

Mustrum
Community Veteran
Posts: 2,717
Thanks: 642
Fixes: 60
Registered: ‎13-08-2015

Re: Mediatek vulnerability

No, but if you add unprotected in your quote you might be right, if they knew how to find it.