Security Researchers Broke Into a MediaTek-Powered Nothing Phone in Just 45 Seconds

Key Highlights

  • Security researchers breached a MediaTek-powered Nothing phone in just 45 seconds.
  • The exploit targets the Trusted Execution Environment (TEE) on MediaTek chips.
  • This vulnerability could affect millions of Android devices with MediaTek processors.
  • MediaTek issued fixes to device makers in January 2026, but the issue remains a concern for users.

The Exploit Unveiled

Security researchers from Ledger’s Donjon team have discovered a serious vulnerability in MediaTek-powered Android phones. They managed to break into a CMF Phone 1 by Nothing in just 45 seconds, without ever booting the Android operating system.

This isn’t just a one-off incident. The exploit works on devices with MediaTek processors that use Trustonic’s Trusted Execution Environment (TEE), potentially affecting millions of Android devices across multiple price tiers.

A Deep Dive into TEE Vulnerabilities

TEEs are supposed to provide a secure area inside the main processor for protecting sensitive data. But Charles Guillemet, CTO of Ledger, explained that general-purpose chips like those from MediaTek are built for convenience, not security. The flaw highlights this deeper design problem.

Guillemet detailed how his team plugged into the CMF Phone 1 and accessed protected data in less than a minute. Once the phone is connected to a computer, the attack retrieves the phone’s PIN, decrypts its storage, and extracts seed phrases from software cryptocurrency wallets.

The Broader Implications

MediaTek issued fixes on January 5, 2026, but this isn’t the first time they’ve faced such issues. Last year, Donjon discovered fault injection vulnerabilities in MediaTek Dimensity chips, leading to a complete security compromise.

This vulnerability is particularly concerning because it allows attackers to extract sensitive user data even when the device is powered off. It’s not just about data breaches; it’s also about the potential for compromising cryptocurrency wallets, which are often stored on devices with TEEs.

A Call to Action

For users of Android devices with MediaTek chips, updates are crucial. While patches should be rolling out from affected phone makers, it’s important to ensure your device is up to date to mitigate this risk.

The broader tech community must continue to push for more robust security measures in general-purpose chips. Until then, keeping an eye on software updates and practicing good cybersecurity habits remains essential.

This may look new, but it’s not the first time we’ve seen such vulnerabilities in widely used hardware. The industry needs to wake up and address these fundamental design flaws before they become a bigger problem.