Threat Intel Flash: Sisense Data Compromise: ARC Labs Intelligence Flash

Get the Latest


Qualcomm Vulnerability Affects Nearly 40% of All Mobile Phones

A high severity vulnerability has been found in Qualcomm’s Mobile Station Modem (MSM) chips (including the latest 5G-capable versions) that could enable attackers to access mobile phone users’ text messages, call history, and listen in on their calls. Qualcomm MSM is a series of 2G, 3G, 4G, and 5G capable System on Chips (SoCs) used in roughly 40% of mobile phones by multiple vendors, including Samsung, Google, LG, OnePlus, and Xiaomi. “If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones,” according to Check Point researchers who found the vulnerability tracked as CVE-2020-11292. The vulnerability could also allow attackers to unlock the subscriber identification module (SIM) used on mobile devices to store network authentication information and contact info securely. To exploit CVE-2020-11292 and take control of the modem and dynamically patch it from the application processor, attackers must abuse a heap overflow weakness in the Qualcomm MSM Interface (QMI) interface used by the company’s cellular processors to interface with the software stack. Malicious apps could also use this flaw to hide their activity under cover of the modem chip itself, effectively masking itself from security features. Check Point disclosed their findings to Qualcomm in October, who later confirmed their research, rated the security bug as a high severity vulnerability and notified the relevant vendors.

Analyst Notes

To better protect themselves, users of these devices are advised to update their devices to the latest released operating system updates as many of the updates include security fixes. Also, users should avoid downloading apps from untrusted sources. Downloading from official app stores and only using well-reviewed and well-known apps can greatly minimize the risk of accidentally installing malicious applications.

Source Article: