The Indian government has issued a high-severity security warning over multiple vulnerabilities in MediaTek chipsets that power smartphones, smart TVs, and audio equipment. The warning, issued by the Indian Computer Emergency Response Team (CERT-In), follows an earlier alert from MediaTek itself.
According to CERT-In, the vulnerabilities could allow attackers to exploit Wi-Fi and Bluetooth modules, potentially granting them access to user data or control of affected devices. The notification highlighted issues like heap overflow, null pointer dereference, and incorrect authorisation in both Bluetooth and WLAN components, as well as uncontrolled recursion in IMS services.
“These vulnerabilities pose a significant risk to consumers and businesses alike,” CERT-In stated. Notably, these flaws could allow remote attackers to execute malicious code, which may result in system crashes or security breaches in devices using certain MediaTek chipsets.
The issues have been categorised under the following CVEs:
CVE-2025-20672
CVE-2025-20673
MediaTek has identified the bugs and has already issued patches to device manufacturers. Users will be able to install the latest security updates on their devices in the coming weeks.
Until then, CERT-In recommends avoiding untrusted Wi-Fi networks and Bluetooth connections, especially on devices suspected to be vulnerable. Users are also advised to check for firmware updates on their devices regularly.
Recently, a similar security concern was raised for Qualcomm-powered Android smartphones, part of an ongoing wave of vulnerabilities affecting major mobile chipset providers. Chipsets like Snapdragon 480+ 5G, Snapdragon 662, 8 Gen 2 and the 2024 flagship Snapdragon 8 Gen 3 were affected, putting thousands of devices at risk. However, the company released the May 2025 security update to secure the devices.
Users can access the device’s settings tab to check for the latest system updates. If available, they can install the new update and reboot their devices.