Mediatek SU, exploit rooting nearly 100 devices, inc. Sony, Nokia, Alcatel, BLU and Amazon

Mediatek SU is an exploit or rootkit, like many others that exist to root Android devices, which basically exploits a vulnerability in devices with a Mediatek processor to obtain temporary root. The procedure is surprisingly simple, since it does not even require unlocking the bootloader of these computers. The only thing that is needed is to execute some commands through ADB from the PC, or from a terminal app on the same phone.

To root with Mediatek SU, download the zip of this script, unzip and copy the “mtk-su” to the directory / data / local / tmp / of the mobile. With ADB you access the shell with the command «adb shell». You change to the mentioned directory with cd / data / local / tmp /, you change the exploit permissions with the command chmod 755 mtk-su and finally you execute it with the command ./mtk-su.

How to root with Mediatek SU (MTK SU). ADB Commands.

If your phone supports MTK SU, the command line will change the adb shell ($) symbol to the superuser or root (#) symbol, from where you can execute commands with root permissions.

This procedure gets a temporary root, which means that you will lose the root if you restart the device and you will have to reload the mtk-su as indicated if you want to get the root again. To achieve permanent root, once the process is done, you must install SuperSU, although apparently this only works if you have an Amazon tablet with Fire OS 5.

Another disadvantage is for devices with Android 6 or higher, where the “Verified Boot and dm-verity” is activated, according to XDA. This means that you will not be able to make modifications to system partitions that only have read permissions, such as the system and vendor partition.

The affected Mediatek CPUs are “virtually” all 64-bit versions, including some of the MT65XX, MT67XX and MT81XX series. There are almost 100 confirmed devices that have been able to root with this exploit, listed below. I say “able” because several of them have probably already been patched to avoid this rooting method (MTK-SU is more than a year old). Possibly several more will be protected with upcoming monthly updates released by some manufacturers, now that this vulnerability has been further exposed.

Acer Iconia One 10 B3-A30
Acer Iconia One 10 B3-A40
Alba tablet series
Alcatel 1 5033 series
Alcatel 1C
Alcatel 3L (2018) 5034 series
Alcatel 3T 8
Alcatel A5 LED 5085 series
Alcatel A30 5049 series
Alcatel Idol 5
Alcatel / TCL A1 A501DL
Alcatel / TCL LX A502DL
Alcatel Tetra 5041C
Amazon Fire 7 2019 – up to Fire OS 6.3.1.2 build 0002517050244 only
Amazon Fire HD 8 2016 – up to Fire OS 5.3.6.4 build 626533320 only
Amazon Fire HD 8 2017 – up to Fire OS 5.6 .4.0 build 636558520 only
Amazon Fire HD 8 2018 – up to Fire OS 6.3.0.1 only
Amazon Fire HD 10 2017 – up to Fire OS 5.6.4.0 build 636558520 only
Amazon Fire HD 10 2019 – up to Fire OS 7.3.1.0 only
Amazon Fire TV 2 – up to Fire OS 5.2.6.9 only
ASUS ZenFone Max Plus X018D
ASUS ZenPad 3s 10 Z500M
ASUS ZenPad Z3xxM (F) MT8163-based series
Barnes & Noble NOOK Tablet 7 ″ BNTV450 & BNTV460
Barnes & Noble NOOK Tablet 10.1 ″ BNTV650
Blackview A8 Max
Blackview BV9600 Pro (Helio P60)
BLU Life Max
BLU Life One X
BLU R1 series
BLU R2 LTE
B LU S1
BLU Tank Xtreme Pro
BLU Vivo 8L
BLU Vivo XI
BLU Vivo XL4
Bluboo S8
BQ Aquaris M8
CAT S41
Coolpad Cool Play 8 Lite
Dragon Touch K10
Echo Feeling
Gionee M7
HiSense Infinity H12 Lite
Huawei GR3 TAG-L21
Huawei Y5II
Huawei Y6II MT6735 series
Lava Iris 88S
Lenovo C2 series
Lenovo Tab E8
Lenovo Tab2 A10-70F
LG K8 + (2018) X210ULMA (MTK)
LG K10 (2017)
LG Tribute Dynasty
LG X power 2 / M320 series (MTK)
LG Xpression Plus 2 / K40 LMX420 series
Lumigon T3
Meizu M5c
Meizu M6
Meizu Pro 7 Plus
Nokia 1
Nokia 1 Plus
Nokia 3
Nokia 3.1
Nokia 3.1 Plus
Nokia 5.1
Nokia 5.1 Plus / X5
Onn 7 ″ Android tablet
Onn 8 ″ & 10 ″ tablet series (MT8163)
OPPO A5s
OPPO F5 series / A73 – Android 8.x only
OPPO F7 series – Android 8.x only
OPPO F9 series – Android 8.x only
Oukitel K12
Protruly D7
Realme 1
Sony Xperia C4
Sony Xperia C5 series
Sony Xperia L1
Sony Xperia L3
Sony Xperia XA series
Sony Xperia XA1 series
Southern Telecom Smartab ST1009X (MT8167)
TECHNO Spark 3 series
Umidigi F1 series
Umidigi Power
Wiko Ri from
Wiko Sunny
Wiko View3
Xiaomi Redmi 6 / 6A series
ZTE Blade A530
ZTE Blade D6 / V6
ZTE Quest 5 Z3351S

The mobile brands in which MTK-SU does not work, despite having Mediatek CPUs, are Samsung, Vivo, Huawei / Honor and OPPO (in the latter, provided they have Android 8 or higher), because «they use modifications in the kernel to prevent root access through exploits “, according to” diplomatic “, the creator of this rooting method.

If root is not your purpose, the best thing is that as soon as the next security update arrives on your computer, apply it to avoid being the victim of any app that takes advantage of this vulnerability to get root on your device and be able to install malware, access all your data and in general take control of your Android device. There are apps like this, and in fact Google removed three of these from the Play Store, which got root using MTK-su.

Very unfortunately, it is quite likely that many of the affected devices will never receive an update to this bug, as several are very old and although Mediatek has already patched this vulnerability on all CPUs that have the problem, it will not be able to force the Manufacturers distribute the patch to their users.

References : XDA-Developers: 1 (Tutorial), 2; Android Police

Related articles :

What is it and how to root an Android cell phone?

Watch out for KingRoot, a Chinese APK that contains malware

Kingo Root, utility to root through an APK or from the PC

Receive updates: SUBSCRIBE by email and join 10,000+ readers. Follow this blog on Facebook and Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *