India Issues Urgent Security Alert for MediaTek-Powered Devices
India’s national cybersecurity agency, CERT-In, has issued a high-severity alert for millions of devices powered by MediaTek chipsets, warning users to immediately update their firmware and adopt safe usage practices. The vulnerabilities, found across multiple MediaTek processor lines, affect smartphones, smart TVs, Wi-Fi routers, tablets, laptops, and a wide array of IoT devices widely used in India.
MediaTek Vulnerability
The alert, flagged under advisory ID CIVN-2025-0119, outlines critical software flaws within various MediaTek platforms. These include heap overflow bugs, null pointer dereferences in Bluetooth and Wi-Fi components, improper authentication in WLAN modules, and unbounded recursion in the IMS (IP Multimedia Subsystem). Devices using MediaTek’s MT79xx, MT69xx, Kompanio, Helio, and Dimensity chipsets—including popular variants like G70, G96, G99, and P60—are among those at risk.
Affected Devices
Any consumer device that runs on the affected chipsets could be compromised. This encompasses several Android smartphones, budget laptops, smart televisions, routers, and smart home gadgets. Given the widespread use of MediaTek-powered hardware in India’s electronics ecosystem, the scale of potential exposure is significant.
Threat to Users
CERT-In has warned that attackers exploiting these vulnerabilities could gain unauthorised access to user data, escalate privileges, install malicious code, or crash systems via denial-of-service techniques. The agency has classified the threat as critical and urged users to treat the advisory with immediate seriousness.
Install Security Updates
Users are advised to check their device settings and install the latest firmware updates provided by OEMs. MediaTek has already issued necessary patches through its June 2025 security bulletin, and manufacturers are in the process of rolling them out. To stay protected, users should navigate to Settings > Software Update and apply any pending security patches.
Secure Network Practices
Until updates are installed, it is recommended to avoid using public or untrusted Wi-Fi networks, as attackers could exploit vulnerable devices through exposed communication channels. Users should also disable unnecessary Bluetooth or network services when not in use.
Safe Usage Habits
Avoid downloading apps or clicking on links from unknown sources. Enable antivirus and threat detection tools, especially if your device is among those powered by the affected chipsets. Routine monitoring and cautious digital behaviour will go a long way in mitigating risks.
Government and Industry Response
CERT-In has called upon device manufacturers and service providers to coordinate the swift rollout of security patches and communicate updates clearly to customers. MediaTek has collaborated with partners to accelerate distribution, while cybersecurity professionals continue to monitor for any signs of mass exploitation.
Why This Matters
With over a billion connected devices in India, vulnerabilities in a widely used chipset can open the floodgates to large-scale cyberattacks. As India deepens its reliance on digital infrastructure, ensuring hardware-level security becomes as important as software firewalls. CERT-In’s advisory is a reminder that digital safety starts with proactive updates and informed user behaviour.
Users are strongly urged to update their devices without delay and follow recommended safety guidelines to stay protected in an increasingly connected world.
