Overview
- Ledger’s Donjon detailed a pre‑boot vulnerability in MediaTek processors and Trustonic’s TEE that allows USB extraction of root keys, automatic PIN recovery, and full‑disk decryption in roughly 45 seconds.
- A Nothing CMF Phone 1 was compromised in a live demo, with seed phrases pulled from popular mobile wallets including Trust Wallet, Base, Kraken Wallet, Rabby, Tangem, and Phantom.
- MediaTek provided patches to device manufacturers in January and published an incident report in March (case 2026-20435), yet specific affected handset models beyond the CMF Phone 1 remain unconfirmed.
- The flaw could expose messages, photos, financial information, and account credentials on unpatched devices, though exploitation requires physical access via a USB connection.
- Donjon separately demonstrated electromagnetic fault injection on Dimensity 7300 (MT6878) to disrupt the boot process and bypass security checks at the highest privilege level.