Trending

Stories

Researchers Find High-risk Security Vulnerability in Qualcomm Mobile Chip

Tidio Live Chat Software - Add Tidio live chat software to your website in minutes. Contact visitors and turn them into happy customers. Enhance their experience and boost your sales. Get it for Free

WP Rocket - WordPress Caching Plugin

Must Read

Cybersecurity researchers have discovered a high-risk security vulnerability in the Qualcomm mobile chip responsible for cellular communication in nearly 40 percent of the high-end phones offered by Google, Samsung, LG, Xiaomi, and OnePlus.

If exploited, the vulnerability in Qualcomm mobile station modem (MSM) would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations, according to Check Point Research.

Also Read

According to the cyber security company, vulnerability also could have allowed an attacker to unlock a mobile device’s SIM.

Qualcomm has confirmed the bug and fixed the issue, and mobile players are notified, according to the researchers.

Elegant Themes - The most popular WordPress theme in the world and the ultimate WordPress Page Builder. Get a 30-day money-back guarantee. Get it for Free

The chip-maker classified the high-rated vulnerability as CVE-2020-11292, notifying the relevant device vendors.

Qualcomm provides a wide variety of chips that are embedded into devices that make up over 40 percent of the mobile phone market.

According to Counterpoint Research, Qualcomm’s Mobile Station Modem is a system of chips that provides capabilities for things like voice, SMS, and high-definition recording, mostly on higher-end devices.

“Phone-makers can customise the chips so they do additional things like handle SIM unlock requests. The chips run in 31 per cent of the world’s smartphones”, according to figures from Counterpoint Research.

The Check Point team found that if a security researcher wants to implement a modem debugger to explore the latest 5G code, the easiest way to do that is to exploit MSM data services through QMI so could a cybercriminal, of course.

“During our investigation, we discovered a vulnerability in a modem data service that can be used to control the modem and dynamically patch it from the application processor,” they said in a blog post on Thursday.

“This means an attacker could have used this vulnerability to inject malicious code into the modem from Android, giving them access to the device user’s call history and SMS, as well as the ability to listen to the device user’s conversations,” they added.

A hacker can also exploit the vulnerability to unlock the device’s SIM, thereby overcoming the limitations imposed by service providers on it.

“Mobile devices should always be updated to the latest version of the OS to protect against the exploitation of vulnerabilities. Only installing apps downloaded from official app stores reduces the probability of downloading and installing a mobile malware,” the researchers advised.

In August 2020, Check Point Research found over 400 vulnerabilities on Qualcomm’s Snapdragon DSP (Digital Signal Processor) chip that threatened the usability of mobile phones.

iThemes WordPress Hosting

Stay updated

Subscribe to our newsletter and never miss an update on the latest tech, gaming, startup, how to guide, deals and more.

Latest

Stories

- Advertisement -
- Advertisement -

Latest

Grow Your Business

Place your brand in front of tech-savvy audience. Partner with us to build brand awareness, increase website traffic, generate qualified leads, and grow your business.

- Advertisement -

Grow Your Business

Get these business solutions, tools and services to help your business grow.
Elementor

Elementor -Join 5,000,000+ Professionals Who Build Better Sites With Elementor. Build your website with 100% visual design that loads faster and speeds up the process of building them.

WP Rocket

WP Rocket - Speed up your website with the most powerful caching plugin in the world. The website speed increase means better SEO ranking, user experience, and conversation. It’s a fact that Google loves a fast site.

Kinsta

Kinsta - If you are looking for WordPress managed hosting, Kinsta is in the leading front. Kinsta provides WordPress hosting for a small or large business that helps take care of all your needs regarding your website with cutting-edge technology.

OptinMonster

OptinMonster - Instantly boost leads and grow revenue with the #1 most powerful conversion optimization toolkit in the world. 700,000+ websites are using OptinMonster to turn their traffic into leads, subscribers, and sales.

Related

- Advertisement -
- Advertisement -
Samsung Galaxy S23 Ultra: The New Android King Twitter To End Free API February 9 MLS Season Pass Now Available On Apple TV App Tesla To Increase Giga Shanghai EV Production to 20,000 Weekly  OpenAI Releases Tool To Detect AI-generated Text Tesla Records Double Net Profit in 2022 India to Produce Upcoming iPhones: Trade Minister Japanese Professor Developed A Power Semiconductor made of Diamond Google Releases New Product for India’s Merchants Indian EV Startup Unveil Two AutoBalancing Electric Scooters
OPPO Find X6 Pro Images Render via Weibo Sony Develops New Tech to Reduce Noise of Image Sensors Tesla’s S & Y Models Earn Best-in-Class Cars of 2022 India Approved $320m to Promote Homegrown Payments Network Twitter Roll Out TikTok-like ‘For You’ Timeline on iOS Nothing Phone Enters US with Beta Membership Program Finally! Apple’s VR Headset Coming this Spring Harvard Scientists Develop New Cell Therapy to Kill, and Prevent Brain Cancer