Security experts from Check Point Research have reported serious vulnerabilities in Qualcomm Snapdragon chipsets. The detected security issue creates a potential back door into a third of the world's mobile phones, including Android devices from Samsung, LG, Google, OnePlus, Xiaomi and many more.
The modems in these chips are vulnerable, allowing attackers, among other things, to unlock the SIM card and listen in on calls. The bug affects hundreds of millions of phones, including those with the latest Snapdragon 888 and Snapdragon 870 processors. Because of the way updates are distributed in the Android ecosystem, the patch will take some time to reach all affected devices.
Where did the carpenter leave the hole?
According to a Check Point Research report, about 400 vulnerabilities in the Digital Signal Processor (DSP) subsystem were found in Snapdragon chips last year, and they were eventually fixed in November 2020. The researchers then looked in detail at MSM modems and came across an additional flaw there.
MSM (mobile terminal modem) is the part of the chip that provides all functions related to wireless communication in modern phones, including 2G / 3G / 4G / 5G connectivity. The first device of this type was designed by Qualcomm in the early 1990s, and MSM is now present in about 40% of all smartphones. The experts focused on the question of whether this component could be misused to attack devices.
In particular, they were intrigued by the ability of the Android operating system to communicate with various MSM components and peripherals through a special communication protocol called the Qualcomm MSM Interface (QMI). This solution is used in nearly 30% of all smartphones in the world.
Snapdragon 888 chipset architecture
MSM is managed by the Qualcomm real-time operating system (QuRT), which is not officially accessible even on rooted devices. TrustZone guarantees the integrity of QuRT, and the only possible way into this area is to exploit a vulnerability.
A hole in Qualcomm chips
A vulnerability in the modem data service can be exploited to take control of the modem from an application installed on the phone. The application injects malicious code into the otherwise inaccessible programs responsible for MSM management.
There is a serious security vulnerability in Qualcomm chipsets
This is how the attacker gains access to SMS messages and the call log and can start listening in on calls. Additionally, the same vulnerability can be used to unlock the SIM card, bypassing all the security measures imposed by Google, mobile operators and phone manufacturers.
The good news is that Qualcomm is aware of the bug and released a fix in December 2020. However, there is no information about which phones will receive the fix and when; there is only a promise to list the vulnerability, CVE-2020-11292, in the June security bulletin for Android.
This is where one of the biggest flaws of Android OS is laid completely bare: software updates are released for individual devices by their manufacturers. It can easily happen that some phones (especially older, lower-spec ones that are past their support period) will not receive the patch at all, or will receive it with a long delay.