Overview
- Ledger’s Donjon team demonstrated the exploit by USB-connecting a Nothing CMF Phone 1 (Dimensity 7300) and defeating protections in roughly 45 seconds before Android booted.
- The weakness targets certain MediaTek chips using Trustonic’s Trusted Execution Environment, allowing extraction of root cryptographic keys that safeguard full‑disk encryption.
- Researchers recovered lock‑screen PINs, decrypted local storage, and pulled seed phrases from popular software wallets, with risks extending to messages, photos, and account credentials.
- MediaTek developed and shared a firmware patch with OEMs on January 5 and later published an advisory tracking the issue as CVE-2026-20435, but consumer fixes depend on OEM rollouts.
- Reporting cites estimates that up to about one quarter of Android phones could be affected, and experts urge prompt security updates and use of hardware wallets or dedicated secure elements for key storage.