Security researchers have uncovered a vulnerability in certain Android smartphones powered by MediaTek processors that could allow attackers with physical access to extract sensitive data, including crypto wallet seed phrases, in under a minute.
@DonjonLedger has struck again discovering a MediaTek vulnerability potentially impacting millions of Android phones. Another reminder that smartphones aren’t built for security. Even when powered off, user data – including pins & seeds – can be extracted in under a minute.
— Charles Guillemet (@P3b7_) March 11, 2026
The flaw was identified by Ledger’s security research unit, Ledger Donjon, which demonstrated the exploit on the Nothing CMF Phone 1. According to the researchers, the vulnerability affects devices using MediaTek chipsets combined with Trustonic technology.
During testing, the team connected the phone to a laptop via USB and managed to bypass core security protections within about 45 seconds.
Without even booting into the Android operating system, the exploit was able to automatically recover the device’s PIN, decrypt its storage, and extract seed phrases stored by several popular crypto wallet applications.
Researchers warned that because the exploit targets the phone’s underlying hardware security layer, it can be executed even when the device is powered off.
In theory, this could expose sensitive information stored in software-based crypto wallet applications if an attacker gains temporary physical access to the device.
The issue has been assigned the identifier CVE-2025-20435 and could potentially affect millions of Android smartphones that rely on MediaTek processors and Trustonic’s TEE architecture.
Ledger Donjon said it followed a responsible disclosure process, notifying the affected vendors before publishing its findings. MediaTek confirmed that it provided a security fix to smartphone manufacturers on January 5, 2026, allowing device makers to deploy patches through software updates.
The research highlights an architectural difference between general-purpose smartphone chips and dedicated hardware designed for protecting cryptographic secrets.
Security experts note that while software-based crypto wallet apps offer convenience, dedicated hardware security components, such as secure elements, provide stronger protection for private keys and seed phrases, particularly in scenarios involving physical attacks on a device.