But the vulnerability in the widely used Qualcomm SoCs discovered today by Check Point Research is particularly alarming. Theoretically, it could allow a malicious application to access software for Qualcomm’s MSM modem chips, giving it access to call and text history or even the ability to record conversations.
The overview of problems in Check Point is extremely technical. But to put it laymanly, vulnerabilities have been found in the links between the Qualcomm Modem Interface (QMI) modem software layer and the debugging service, allowing it to dynamically patch software and bypass common security mechanisms.
Standard standalone apps do not have security privileges to access QMI, but if the more critical aspects of Android were compromised, this attack could be used.
In addition to the vulnerabilities they found, the researchers found that the malicious application could eavesdrop and record an active phone call, receive calls and SMS recordings, or even unlock the SIM card. Check Point estimates that the QMI software detected as vulnerable is present in about 40% of smartphones, with manufacturers including Samsung, Google, LG, OnePlus, Xiaomi and others.
- Uber is providing booking a vaccine appointment through its app
- Samsung Galaxy S8 officially retired
- Apple Watch may receive massive health upgrade
Although the methods for this attack have been described extensively, certain necessary information has been omitted from the report to prevent anyone from easily duplicating the procedure. For now, there is no indication that this method of attack is actually used.
Qualcomm has been aware of this problem since CPR discovered it in October last year and confirmed it as a highly rated vulnerability, passing it on to Android manufacturers using its modems. At the time of writing, the vulnerability has not been fixed, but it is assumed that both Qualcomm and Google are working to incorporate the solution into a future security patch.