cancel
Showing results for 
Search instead for 
Did you mean: 

Mediatek vulnerability

Rising Star
Posts: 114
Thanks: 37
Registered: ‎19-08-2018

Mediatek vulnerability

Partner here claims the Hub one router we have has a Mediatek chip - true or not? They re seriously bad news and many OEMs are poor at updating the firmware to address security issues. Not true with our Plusnet kit surely?

https://www.xda-developers.com/mediatek-su-rootkit-exploit/

5 REPLIES 5
Champion
Posts: 1,946
Thanks: 466
Fixes: 12
Registered: ‎15-11-2012

Re: Mediatek vulnerability

Not true.

 

 

The Hub One is a rebadged BT Home Hub 5 revA which uses a Lantiq chipset

Aspiring Hero
Posts: 12,528
Thanks: 609
Fixes: 19
Registered: ‎01-09-2007

Re: Mediatek vulnerability

That link relates to mobile phones.

I'd assume that Mediatek makes many thousands of different chips - which one are you concerned about?

Anyway, it relies on a local user (that's you) running a script to hack into the phone/device and installing a rootkit.



 

"In The Beginning Was The Word, And The Word Was Aardvark."

Rising Star
Posts: 114
Thanks: 37
Registered: ‎19-08-2018

Re: Mediatek vulnerability


@DaveyH wrote:

Not true.

 

 

The Hub One is a rebadged BT Home Hub 5 revA which uses a Lantiq chipset


OK, tracing back the info my partner had found, indeed the recent issues are with phone systems, not routers. Taking the router to bits shows Lantiq Systems-on-Chip not MediaTek.

https://openwrt.org/toh/bt/homehub_v5a

Router software/firmware seems a year or so old though - no security updates for a while!

Rising Star
Posts: 114
Thanks: 37
Registered: ‎19-08-2018

Re: Mediatek vulnerability


@VileReynard wrote:

Anyway, it relies on a local user (that's you) running a script to hack into the phone/device and installing a rootkit.



 


Any system that allows updating remotely - like Plusnet - can be 'updated' by a malicious person, no?

Community Veteran
Posts: 2,309
Thanks: 499
Fixes: 52
Registered: ‎13-08-2015

Re: Mediatek vulnerability

No, but if you add unprotected in your quote you might be right, if they knew how to find it.