- Ledger Donjon shows EM pulses can break MediaTek Dimensity 7300 boot ROM
- Attackers gain EL3 control within minutes once the timing window is mapped
- Ledger says smartphone wallets face lasting risk and need secure-element hardware
Security researchers at Ledger have identified a critical, unpatchable vulnerability in the silicon architecture of MediaTek’s Dimensity 7300 processor, effectively shattering the “Root of Trust” for millions of Android devices.
The findings, published by Ledger’s Donjon unit, detail a hardware-level exploit that allows attackers to bypass all security layers and seize control of the device’s most privileged execution mode.
The ‘Silicon Permanence’ Problem
The vulnerability resides in the Boot ROM, the immutable “read-only” code baked into the processor during manufacturing. Because this code is etched into the silicon, it cannot be altered or patched by over-the-air (OTA) software updates.
The investigation focused on the MediaTek MT6878, a 4 nanometer system on chip used in numerous Android handsets. According to the report, the vulnerability resides in the processor’s boot ROM, a read only component that drives the initial startup sequence. Because that logic is baked into silicon and cannot be rewritten, the defect remains permanent for devices built on the affected chip.
Related: Ledger Exposes Potential Security Flaw in Trezor Wallets
During testing, researchers applied short electromagnetic pulses at carefully measured intervals during the boot process. This interference allowed them to bypass memory-access protections and elevate execution to EL3, the top privilege tier in the ARM architecture. Once the timing window was identified, each laboratory attempt took roughly one second and succeeded between 0.1% and 1% of the time, enabling a complete compromise in minutes.
Unpatchable Flaw Undermines Smartphone Wallet Security
The research details how such attacks could weaken smartphone based private key storage even further. The team noted that users already face threats from malware, remote exploitation and supply chain issues, and that a hardware level weakness expands the surface that determined attackers can probe. The report adds that digital wallet applications on consumer phones are exposed because they rely on general purpose components that were never engineered to resist hands on electrical fault attacks.
A cryptocurrency wallet functions by holding a user’s public and private keys and facilitating asset transfers. Software wallets operate on devices connected to the internet, while hardware wallets store keys offline within dedicated secure elements designed to withstand both physical and digital intrusion attempts.
MediaTek And Ledger Draw Lines Around Security Scope
In comments included within the report, MediaTek stated that electromagnetic fault-injection attacks were outside the intended security scope for the MT6878, noting that the chipset was designed for mass-market electronics rather than high-security systems. The company added that products requiring elevated protection, such as hardware wallets, should incorporate countermeasures specifically built for EMFI resistance.
Ledger’s team concluded that devices based on the MT6878 remain exposed because the underlying flaw is embedded in unmodifiable silicon. They added that secure-element components remain essential for individuals who depend on self-custody or conduct sensitive cryptographic operations, since smartphones cannot reasonably exclude hardware attack scenarios.
Related: Apple MacOS/iOS Security Flaw: CZ Warns Crypto Users at Risk
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
