cancel
Showing results for 
Search instead for 
Did you mean: 

Mediatek vulnerability

Highlighted
Rising Star
Posts: 93
Thanks: 31
Registered: ‎19-08-2018

Mediatek vulnerability

Partner here claims the Hub one router we have has a Mediatek chip - true or not? They re seriously bad news and many OEMs are poor at updating the firmware to address security issues. Not true with our Plusnet kit surely?

https://www.xda-developers.com/mediatek-su-rootkit-exploit/

5 REPLIES 5
Highlighted
Champion
Posts: 1,859
Thanks: 467
Fixes: 12
Registered: ‎15-11-2012

Re: Mediatek vulnerability

Not true.

 

 

The Hub One is a rebadged BT Home Hub 5 revA which uses a Lantiq chipset

Highlighted
Aspiring Hero
Posts: 12,335
Thanks: 623
Fixes: 18
Registered: ‎01-09-2007

Re: Mediatek vulnerability

That link relates to mobile phones.

I'd assume that Mediatek makes many thousands of different chips - which one are you concerned about?

Anyway, it relies on a local user (that's you) running a script to hack into the phone/device and installing a rootkit.



 

"In The Beginning Was The Word, And The Word Was Aardvark."

Highlighted
Rising Star
Posts: 93
Thanks: 31
Registered: ‎19-08-2018

Re: Mediatek vulnerability


@DaveyH wrote:

Not true.

 

 

The Hub One is a rebadged BT Home Hub 5 revA which uses a Lantiq chipset


OK, tracing back the info my partner had found, indeed the recent issues are with phone systems, not routers. Taking the router to bits shows Lantiq Systems-on-Chip not MediaTek.

https://openwrt.org/toh/bt/homehub_v5a

Router software/firmware seems a year or so old though - no security updates for a while!

Highlighted
Rising Star
Posts: 93
Thanks: 31
Registered: ‎19-08-2018

Re: Mediatek vulnerability


@VileReynard wrote:

Anyway, it relies on a local user (that's you) running a script to hack into the phone/device and installing a rootkit.



 


Any system that allows updating remotely - like Plusnet - can be 'updated' by a malicious person, no?

Highlighted
Community Veteran
Posts: 2,061
Thanks: 434
Fixes: 48
Registered: ‎13-08-2015

Re: Mediatek vulnerability

No, but if you add unprotected in your quote you might be right, if they knew how to find it.