Ledger Warns of Unpatchable Security Flaws in Popular Smartphone Chip

Last Updated: December 04, 2025

3 min read

Ledger is warning about a popular smartphone processor chip with security flaws. The chip is being used in the crypto-centric Solana Seeker device and contains an unfixable and critical vulnerability that could allow attackers to fully compromise the security of the device. According to new research by hardware wallet firm Ledger, these security flaws make smartphones vulnerable to attacks, including the extraction of private keys.

Sign up on Coinflare and secure your raffle tickets to compete for a Tesla Model 3 and additional prizes. The more you trade, the larger the prize pool grows.

In the report released by Ledger on Wednesday, the company revealed that its security team successfully executed an attack on the MediaTek Dimensity 7300 (MT6878) system-on-chip by bypassing all security protections and gaining access to what Ledger describes as “full and absolute control” over the device.

The exploit relies on a technique using electromagnetic pulses to disrupt the chip during its earliest boot stages. Ledger security engineers Léo Benito and Charles Christen said this approach enabled them to override the chip’s security boundaries. This gave them access to highly sensitive data, including private keys often stored on smartphones by crypto users.

“There is simply no way to safely store and use one’s private keys on those devices,” Christen and Benito said.

Unfixable Hardware-level Flaws

As the issue is embedded in the silicon itself, Ledger emphasized that no software update or security patch can fix the issue. Even once disclosed, the flaw leaves all affected devices permanently exposed. Although the attack’s success rate is low (between 0.1% and 1% per attempt), the Ledger team noted it can be executed repeatedly and rapidly. By rebooting the device and attempting a fault injection roughly once per second, an attacker could compromise a phone “in only a matter of minutes.”

MediaTek has acknowledged Ledger’s findings but said that electromagnetic fault injection attacks fall “out of scope” for the MT6878’s intended uses. The company stresses that the chip is designed for standard consumer products, not high-security environments such as financial devices or hardware security modules.

MediaTek released a statement in which they said, “For products with higher hardware security requirements, such as hardware crypto wallets, we believe that they should be designed with appropriate countermeasures against EMFI attacks.”

Ledger reported that the vulnerability was disclosed to MediaTek in early May, shortly after the researchers successfully exploited it.

Sign up on Coinflare to claim your raffle tickets and enter for a chance to win a Tesla Model 3 along with other exciting rewards.

Disclaimer: All content on The Moon Show is for informational and educational purposes only. The opinions expressed do not constitute financial advice or recommendations to buy, sell, or trade cryptocurrencies. Trading involves significant risk and may result in substantial losses. Always seek independent financial advice before making investment decisions. The Moon Show is not responsible for any financial losses or decisions made based on the information provided.

Please view the full disclaimer at: https://themoonshow.com/disclaimer