Qualcomm modem vulnerability exposes 30 % smartphones worldwide to hackers: Verify Level

Qualcomm modem vulnerability exposes 30 % smartphones worldwide to hackers: Verify Level


A flaw has been found in Qualcomm’s Cell Station Modem that impacts tens of millions of Android telephones worldwide, in accordance with Israeli safety agency Verify Level Analysis. Hackers can apparently exploit the vulnerability and get entry to textual content messages, cellphone calls, and in some instances even unlock your SIM card. Verify Level’s report says that the Cell Station Modem is an integral a part of Qualcomm’s chip courting again to the early Nineteen Nineties and nonetheless part of a few of the newest 5G chipsets.  It may be discovered on a few of the newest telephones from Xiaomi, Google, LG, Samsung, OnePlus, and extra. This implies it ought to have an effect on a majority of Android smartphones worldwide.

The analysis agency estimates that as much as 30 % of all Android telephones have the Qualcomm modem software program that has this vulnerability. The report additional tells us that hackers can exploit the vulnerability to “inject malicious code into the modem from Android. This provides the attacker entry to the person’s name historical past and SMS, in addition to the power to hearken to the person’s conversations.” As stated, attackers can exploit the vulnerability to unlock the SIM card and overcome any limitations set by service suppliers.

Qualcomm Snapdragon 400 Series 5G Processor

Qualcomm is conscious of the vulnerability and has already issued a repair. In an announcement, the San Diego chipset maker’s consultant stated, “Qualcomm Applied sciences has already made fixes obtainable to OEMs in December 2020, and we encourage end-users to replace their units as patches grow to be obtainable.”

Nonetheless, {the catalogue} quantity assigned to the vulnerability — CVE-2020-11292 — isn’t included in any Android safety revealed since 2020, however there are probabilities that Google might have included it in a safety replace with out mentioning it within the bulletin. Based on a Qualcomm spokesperson, the corporate will tackle it within the June 2021 safety replace.

Whereas it isn’t clear if all affected units have been patched, a Verify Level consultant has advised Tom’s Information, “From our expertise, the implementation of those fixes takes time, so lots of the telephones are probably nonetheless liable to the menace.”

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *