• Office Hours : 08:00 - 17:30

Qualcomm modem flaw puts millions of Android users at risk

Checkpoint security researchers have found an exploit in Qualcomm’s modem software that can be used to take control of Android devices.

The vulnerability resides in the chipmaker’s Mobile Station Modem (MSM), which is a series of system on chips that reside on modems embedded in around 40% of smartphones on the market.

The researchers discovered a flaw that can be used to control the modem and patch it to a device’s application processor. Through this, an attacker could inject malicious code into the modem from the operating system and theoretically gain access to a user’s call and SMS history, while also providing a way to listen to live conversations.

Checkpoint has so far decided against publishing the full technical details of the exploit until mobile vendors have had the opportunity to release fixes, although the company said it is working with relevant government officials and mobile vendors to assist with this process.

MSM was designed for high-end smartphones and can be found in devices made by Samsung, Google, OnePlus, and Xiaomi. It supports features like 4G LTE and high definition recording and is said to be a popular target for cyber criminals.

Related Resource

Go further with mobile marketing

Easy steps to get your mobile strategy up-to-speed

Easy steps to get your mobile strategy up-to-speed - whitepaper from OracleEasy steps to get your mobile strategy up-to-speed - whitepaper from OracleDownload now

The Android OS communicates with the MSM chip’s processor, via the Qualcomm MSM Interface (QMI), and connects to software components in the MSM and other peripheral systems within the device, such as cameras and fingerprint scanners. QMI is in around 30% of all mobiles in the world, according to Checkpoint, but little is known about its potential to be used as an attack vector.

Checkpoint said the discovered vulnerability is a potential leap in mobile chip research that it hopes will allow for a much easier inspection of the modem code by security researchers. The firm has disclosed its findings to Qualcomm, which also confirmed the issue as a “high-rated” vulnerability.

However, Qualcomm has since downplayed the significance of the vulnerability. In a statement to IT Pro, a company spokesperson said: “Providing technologies that support robust security and privacy is a priority for Qualcomm. We commend the security researchers from Check Point for using industry-standard coordinated disclosure practices.

“Qualcomm Technologies has already made fixes available to OEMs in December 2020, and we encourage end-users to update their devices as patches become available,” the spokesperson added, suggesting that many fixes will have already been delivered by manufacturers over the past sixth months.

There also does not appear to be any evidence that the flaw has been exploited in the wild.

To secure a device, Checkpoint recommends following mobile-specific best practices, such as updating to the latest version of Android, only downloading apps from official stores, enabling a ‘remote wipe’ capability and also installing a security service on your device. 

Featured Resources

Virtual desktops and apps for dummies

An easy guide to virtual desktop infrastructure, end-user computing, and more

Download now

The total economic impact of optimising and managing your hybrid multi-cloud

Cost savings and business benefits of accelerating the cloud journey

Download now

A buyer’s guide for cloud-based phone solutions

Finding the right phone system for your modern business

Download now

What’s next for the education sector?

A new learning experience

Download now

See the original article here: ITPro