A new Android vulnerability, tracked as CVE-2026-20435, could let attackers gain access to a phone in under 60 seconds by exploiting certain MediaTek SoCs that use Trustonic’s TEE. According to MediaTek’s March Security bulletin, the flaw affects devices built on these SoCs, with researchers demonstrating an exploit that retrieved the device PIN, decrypted storage, and extracted seed phrases from several software wallets when the phone is connected to a laptop via USB.
The vulnerability could defeat full-disk encryption and lock-screen protections before Android fully boots, leaving affected devices at risk even if they are lost or stolen. Reportedly, about one in four Android phones could be affected, though the exact impact depends on the device model and patch status. MediaTek has released a firmware patch that manufacturers can include in security updates, and users are advised to ensure they are fully patched with the latest update from their device maker. If unsure, users should check their SoC via resources like GSMArena and cross-check with MediaTek’s bulletin to determine exposure.