Wednesday, Aug 17, 2022
English News
  • Hyderabad
  • Telangana
  • Andhra Pradesh
  • India
  • World
  • Entertainment
  • Science and Tech
  • Sport
  • Business
  • ...
    • NRI
    • View Point
    • cartoon
    • Columns
    • Reviews
    • Education Today
    • Property
    • Videos
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • Columns
  • Reviews
  • Education Today
  • Property
  • Videos
  • Lifestyle
Home | Tech | Bug In Qualcomm Mobile Chip Puts Android Users Privacy At Risk

Bug in Qualcomm mobile chip puts Android users’ privacy at risk

By IANS
Published: Updated On - 04:13 PM, Sat - 8 May 21
Bug in Qualcomm mobile chip puts Android users’ privacy at risk
If exploited, the vulnerability in Qualcomm mobile station modem (MSM) would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones

New Delhi: Cyber security researchers have discovered a high-risk security vulnerability in Qualcomm mobile chip responsible for cellular communication in nearly 40 per cent of the high-end phones offered by Google, Samsung, LG, Xiaomi and OnePlus.

If exploited, the vulnerability in Qualcomm mobile station modem (MSM) would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations, according to Check Point Research.

Vulnerability also could have potentially allowed an attacker to unlock a mobile device’s SIM, according to the cyber security company.

Qualcomm has confirmed the bug and fixed the issue and mobile players are notified, according to the researchers.

The chip-maker classified the high-rated vulnerability as CVE-2020-11292, notifying the relevant device vendors.

Qualcomm provides a wide variety of chips that are embedded into devices that make up over 40 per cent of the mobile phone market.

According to Counterpoint Research, Qualcomm’s Mobile Station Modem is a system of chips that provides capabilities for things like voice, SMS, and high-definition recording, mostly on higher-end devices.

“Phone-makers can customise the chips so they do additional things like handle SIM unlock requests. The chips run in 31 per cent of the world’s smartphones”, according to figures from Counterpoint Research.

The Check Point team found that if a security researcher want to implement a modem debugger to explore the latest 5G code, the easiest way to do that is to exploit MSM data services through QMI so could a cybercriminal, of course.

“During our investigation, we discovered a vulnerability in a modem data service that can be used to control the modem and dynamically patch it from the application processor,” they said in a blog post on Thursday.

“This means an attacker could have used this vulnerability to inject malicious code into the modem from Android, giving them access to the device user’s call history and SMS, as well as the ability to listen to the device user’s conversations,” they added.

A hacker can also exploit the vulnerability to unlock the device’s SIM, thereby overcoming the limitations imposed by service providers on it.

“Mobile devices should always be updated to the latest version of the OS to protect against the exploitation of vulnerabilities. Only installing apps downloaded from official app stores reduces the probability of downloading and installing a mobile malware,” the researchers advised.

In August 2020, Check Point Research found over 400 vulnerabilities on Qualcomm’s Snapdragon DSP (Digital Signal Processor) chip that threatened the usability of mobile phones.

  • Follow Us :
  • Tags
  • Android
  • Cyber Security
  • Google
  • LG

Related News

  • Android 13 rolled out with new features for Pixel devices

    Android 13 rolled out with new features for Pixel devices

  • 6 in 10 people see false or misleading information daily or weekly

    6 in 10 people see false or misleading information daily or weekly

  • Kailash Kher joins celebs calling for an end to rumours about Raju Srivastava

    Kailash Kher joins celebs calling for an end to rumours about Raju Srivastava

  • ‘There will be blood on streets,’ Google execs warn employees about layoffs

    ‘There will be blood on streets,’ Google execs warn employees about layoffs

  • Samsung likely to sell 9 mn Galaxy Fold 4, Flip 4 foldables this year

    Samsung likely to sell 9 mn Galaxy Fold 4, Flip 4 foldables this year

  • Google expands AI-based content advisories to more searches

    Google expands AI-based content advisories to more searches

Latest News

  • Opinion: Powering Gati Shakti

    3 hours ago
  • Editorial: Dragon in the room

    3 hours ago
  • Hyderabad girl Pulakita Hasvi scales 2 European peaks in 24 hours

    3 hours ago
  • Short-term agri loans: NAFSCOB chairman welcomes Centre’s decision

    3 hours ago
  • Health and Tech: More power to the brain

    3 hours ago
  • Monkeypox may spread via close contact too: CDC

    3 hours ago
  • TRS tackled flouride issue: Minister Jagadish Reddy

    3 hours ago
  • Telangana High Court clears decks for Daggubati farm, others

    4 hours ago

company

  • Home
  • About Us
  • Contact Us

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

© Copyrights 2022 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam