Qualcomm chips in Android smartphones have a serious security issue

Nearly a third of all Android devices use modems from the company Qualcomm. According to the latest information, they contain several vulnerabilities and security flaws that can be exploited by attackers. They can, for example. unlock the SIM card, access the call list and listen to them.

Problems may also affect flagships from well-known manufacturers such as Samsung, Google, LG, OnePlus and Xiaomi. It also applies to smartphones that can be connected to a 5G network with the new Qualcomm Snapdragon 888 and Snapdragon 870 chips.

Report from the research security company Check Point Research talks about finding about 400 vulnerabilities within Qualcomm chips – Snapdragon Digital Signal Processor. However, they were corrected in November 2020. However, security personnel have recently discovered other issues related to Qualcomm chips. Specifically, it is the Mobile Station Modem, a system on a chip (SoC) that takes care of comprehensive device management and wireless management in many smartphones.

The researchers focused on the communication of the Android system and the components and peripherals of this chip using a protocol called Qualcomm MSM Interface (QMI). Malicious code was successfully inserted into Qualcomm’s MSM operating system, circumventing all security measures from Google and the smartphone manufacturer. Attackers can exploit this vulnerability if a victim installs an infected application from an unknown source.

However, Qualcomm confirmed the existence of this bug and provided a fix in December 2020. However, which smartphones will receive it, and when, it is not known, as the implementation itself must be addressed by smartphone manufacturers with their security updates. However, a fix for CVE-2020-11292 should be included in the June Android fix pack. If you have an Android device that no longer receives regular updates, this could indicate a potential security issue.

Source: TechSpot, Wccftech

Source: Technológie by pc.zoznam.sk.

*The article has been translated based on the content of Technológie by pc.zoznam.sk. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!