A newly discovered vulnerability in the MediaTek Dimensity 7300 chipset has raised significant security concerns. This flaw allows physical attackers to extract device PINs, decrypt storage, and access cryptocurrency wallet seed phrases in under a minute. Approximately 25% of Android users are potentially at risk due to their devices’ reliance on this chipset.
Discovery of the Vulnerability
The security flaw was identified by Ledger’s Donjon research team, who pinpointed it in the Boot ROM of the MediaTek Dimensity 7300 chip. This component executes the first code when a device starts, operating at the highest hardware privilege level before the Android system loads.
Because the Boot ROM is permanently embedded in the chip’s silicon, this core vulnerability cannot be fixed with a software update. However, Ledger’s team demonstrated the potential impact by using Electromagnetic Fault Injection (EMFI), a technique that disrupts the chip’s operations with timed electromagnetic pulses. This method allows attackers to bypass security layers and execute arbitrary code at the highest privilege level.
Impact on Android Devices
Ledger’s proof-of-concept was conducted on a Nothing CMF Phone 1, which was compromised within 45 seconds. This demonstration showed that attackers could retrieve the device PIN, decrypt data, and access seed phrases from multiple cryptocurrency wallets.
The vulnerability impacts various applications, including Trust Wallet, Kraken Wallet, and others. Despite a low success rate per attempt, the attack can be automated and repeated, making it a practical threat to devices using the MediaTek Dimensity 7300 and Trustonic’s Trusted Execution Environment (TEE).
Response and Mitigation
Following the disclosure of this vulnerability, MediaTek released a security patch in January 2026 to mitigate exploitation pathways, though it does not address the underlying hardware flaw. MediaTek has stated that EMFI attacks were not anticipated in the design of the MT6878 chipset.
Charles Guillemet, CTO of Ledger, emphasized the importance of transferring sensitive data to hardware wallets with certified security features. He warned that smartphones are not designed to serve as secure storage for critical information, such as private keys and seed phrases.
The affected devices include those from brands like Realme, Motorola, and Oppo, which use the MediaTek Dimensity 7300. Users are advised to apply available security patches and consider additional protective measures for their digital assets.
Stay informed with our daily updates on cybersecurity by following us on Google News, LinkedIn, and X. For more information or to share your stories, contact us.
