Qualcomm chips found a serious vulnerability: millions of Android devices at risk

Security experts at Check Point Research have discovered a serious vulnerability in Qualcomm modems that could affect millions of Android devices.

The vulnerability of SMU-2020-11292 concerns the Mobile Station Modern modems. These are systems-on-a-chip developed by the company and are used for voice calls and SMS. The error also uses the Qualcomm MSM Interface (QMI), a protocol that allows the software components of the modem and other subsystems to communicate with each other.

QMI is used by about 30% of Android gadgets around the world. In theory, hackers can attack any of these devices, but the user needs to install a special Trojan-based application. Once launched, the malicious code will hide in the modem chip and will not be visible, and hackers will be able to listen to calls, read SMS, and perform other actions remotely.

Qualcomm said they are aware of the issue and have already released a fix. But patches may not spread as fast as we would like, because gadget manufacturers still have to implement them in their firmware.

“Delivering technologies that support robust security and privacy is a priority for Qualcomm. We thank the Security Researchers at Check Point for using industry-standard coordinated disclosure practices. Qualcomm Technologies has already provided OEMs with all the required patches in December 2020 and we encourage end-users to update their devices as new patches become available.

Qualcomm said in a statement.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.

Alexandr Ivanov earned his Licentiate Engineer in Systems and Computer Engineering from the Free International University of Moldova. Since 2013, Alexandr has been working as a freelance web programmer.
Function: Web Developer and Editor
E-mail: except.freenews@gmail.com
Alexandr Ivanov

Spelling error report

The following text will be sent to our editors: