A serious flaw in MediaTek lets hackers steal Android phone PINs in less than a minute.

The MediaTek Dimensity 7300 chipset has a serious security hole that lets a physical attacker get device PINs, decrypt on-device storage, and steal cryptocurrency wallet seed phrases in about 45 seconds This article explores ledger worked mediatek. . This is very bad news for the 25% of Android users whose devices use the affected chip.

The Ledger Donjon security research team found a flaw in the Boot ROM of the MediaTek Dimensity 7300 (also known as MT6878) chip. This is the first code that runs when the device turns on, and it runs at the highest hardware privilege level (EL3) before Android loads. Because Boot ROM is hard-coded into the processor's silicon, software patches can't fix the core hardware flaw.

Ledger's researchers took advantage of this flaw by using Electromagnetic Fault Injection (EMFI), which sends electromagnetic pulses to the chip at just the right time during boot-up to mess up its execution flow. Attackers can get around all security layers and run arbitrary code at the chip's highest privilege level without ever starting the Android operating system by connecting to the device over USB and repeatedly starting boot cycles while injecting faults. Proof of Concept: The Nothing CMF Phone 1 Ledger showed the attack on a Nothing CMF Phone 1 that was connected to a laptop through a USB cable.

In less than 45 seconds, the team got past the phone's basic security layer and successfully got the device PIN, decrypted storage, and pulled seed phrases from several software crypto wallets.

Testing showed that Trust Wallet, Kraken Wallet, Phantom, Base, Rabby, and Tangem's Mobile Wallet, among others, are affected. The attack is possible, even though the success rate for each attempt is low, because the process can be automated and done quickly over and over again until a successful fault injection happens. Ledger's research, which started in February 2025, was able to run arbitrary code by early May 2025.

After that, Ledger worked with MediaTek's security team to responsibly disclose the issue. The flaw affects Android phones that use the MediaTek Dimensity 7300 chip and the Trustonic Trusted Execution Environment (TEE). This could affect about 25% of all Android devices around the world. Realme, Motorola, Oppo, Vivo, Nothing, and Tecno are all budget and mid-range smartphone brands that were affected.

The Solana Seeker smartphone, which is focused on cryptocurrency, also uses the same chipset. MediaTek's Response and Patch Status After Ledger's responsible disclosure, MediaTek sent out a security patch in January 2026 and told all affected OEM vendors. The patch, on the other hand, only makes it harder for hackers to use the Boot ROM flaw, which is a hardware-level problem.

It does not fix the underlying silicon vulnerability. MediaTek has said before that EMFI attacks are not something that the MT6878 chipset was made for. Charles Guillemet, Ledger's CTO, said that smartphones shouldn't be used as secure vaults for private data. He told people to use security patches, but he also stressed how dangerous it is to keep private keys and seed phrases on regular devices.

Guillemet suggested moving sensitive cryptocurrency assets to dedicated hardware wallets with certified security features. This shows the difference between smartphone security and the needs of digital asset custody. LinkedIn and X for daily updates on cybersecurity.

Get in touch with us to have your stories featured.