Cybersecurity researchers have disclosed a new security vulnerability in Qualcomm's mobile station modems (MSM) that could potentially allow an attacker to leverage the underlying Android operating system to slip malicious code into mobile phones, undetected.
"If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations," researchers from Israeli security firm Check Point said in an analysis published today.
The heap overflow vulnerability, tracked as CVE-2020-11292, resides in the QMI voice service API exposed by the modem to the high-level operating system, and could be exploited by a malicious app to conceal its activities "beneath" the OS in the modem chip itself, thus making it invisible to the security protections built into the device.
Designed since the 1990s, Qualcomm MSM chips allow mobile phones to connect to cellular networks and allow Android to talk to the chip's processor via the Qualcomm MSM Interface (QMI), a proprietary protocol that enables communication between the software components in the MSM and other peripheral subsystems on the device, such as cameras and fingerprint scanners.
While 40% of all smartphones today, including those from Google, Samsung, LG, Xiaomi, and OnePlus, use a Qualcomm MSM chip, an estimated 30% of those devices contain QMI, according to research from Counterpoint.
"An attacker could have used this vulnerability to inject malicious code into the modem from Android, giving them access to the device user's call history and SMS, as well as the ability to listen to the device user's conversations," the researchers said. "A hacker can also exploit the vulnerability to unlock the device's SIM, thereby overcoming the limitations imposed by service providers on it."
Check Point said it notified Qualcomm of the issue on Oct. 8, 2020, following which the chipmaker notified relevant mobile vendors.
"Providing technologies that support robust security and privacy is a priority for Qualcomm," the company told The Hacker News via email. "Qualcomm Technologies has already made fixes available to OEMs in December 2020, and we encourage end users to update their devices as patches become available." The company also said it intends to include CVE-2020-11292 in the public Android bulletin for June.
This isn't the first time critical flaws have been found in Qualcomm chips. In August 2020, Check Point researchers disclosed more than 400 security issues — collectively referred to as "Achilles" — in its digital signal processing chip, enabling an adversary to turn the phone into a "perfect spying tool, without any user interaction required."
"Cellular modem chips are often considered the crown jewels for cyber attackers, especially the chips manufactured by Qualcomm," said Yaniv Balmas, head of cyber research at Check Point. "An attack on Qualcomm modem chips has the potential to negatively affect hundreds of millions of mobile phones across the globe."