Security firm Trustonic has disputed recent reports that its software is the vulnerable component in a security flaw affecting MediaTek chips. The company stated the issue is not specific to its Trusted Execution Environment (TEE) but is a broader system-level concern.
According to Trustonic, the vulnerability, identified as CVE-2024-32818, resides within MediaTek's hardware and firmware. The flaw could potentially allow attackers to bypass multiple security systems on affected chipsets, not just Trustonic's implementation.
MediaTek has acknowledged the vulnerability and released security patches. The company advises device manufacturers and users to ensure their devices are updated with the latest firmware to mitigate the risk.
The scope of affected Android devices remains unclear, as patching depends on individual manufacturers. Users are recommended to check for system updates from their device maker.
