A high-severity vulnerability has been found in Qualcomm’s Mobile Station Modem (MSM) chips, including the latest 5G-capable versions, that could let attackers read mobile phone users’ text messages and call history and listen in on their calls. Qualcomm MSM is a series of 2G-, 3G-, 4G- and 5G-capable System on Chips (SoCs) used in roughly 40% of mobile phones by vendors including Samsung, Google, LG, OnePlus and Xiaomi.

“If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones,” according to the Check Point researchers who found the vulnerability, tracked as CVE-2020-11292. The flaw could also let attackers unlock the subscriber identity module (SIM), which mobile devices use to store network authentication information and contacts securely.

To exploit CVE-2020-11292, take control of the modem and dynamically patch it from the application processor, an attacker must abuse a heap overflow in the Qualcomm MSM Interface (QMI), the protocol through which the company’s cellular processors talk to the software stack. Because the modem is reached from the application processor, the attack presupposes code already running on the Android side, such as a malicious app; such an app could also use the flaw to hide its activity inside the modem chip itself, effectively masking it from the phone’s security features.

Check Point disclosed its findings to Qualcomm in October; Qualcomm later confirmed the research, rated the bug as a high-severity vulnerability and notified the relevant vendors.
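As an added illustration of the bug class named above, not Check Point’s or Qualcomm’s code and not the specific CVE-2020-11292 defect (which the write-up does not detail): a toy QMI-style TLV handler in C that copies a TLV value into a fixed-size heap field, first trusting the attacker-supplied length and then with the bound the hardened version enforces. The TLV layout (1-byte type, 2-byte little-endian length, value) follows QMI’s encoding; the TLV type 0x01, the 16-byte field, the sentinel neighbour and the sample messages are constructed for this example.

```c
/* Added example (not Check Point's or Qualcomm's code): a toy QMI-style TLV
 * handler showing the bug class described above, an unchecked length field
 * that lets a message from the application processor overrun a fixed-size
 * heap field, next to the bounds-checked form. TLV type 0x01, FIELD_MAX, the
 * sentinel and the sample messages are constructed; they are not the CVE details. */
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define FIELD_MAX  16    /* size of the fixed heap field a TLV fills (assumed) */
#define TLV_NUMBER 0x01  /* TLV type whose value is copied into it (constructed) */

struct tlv_view { uint8_t type; uint16_t len; const uint8_t *val; };
typedef int (*handler_fn)(const uint8_t *msg, size_t msg_len, uint8_t *field);

/* Decode the TLV at *off: 1-byte type, 2-byte little-endian length, value.
 * Returns 0 if the header or the value runs past the end of the message. */
static int next_tlv(const uint8_t *msg, size_t msg_len, size_t *off,
                    struct tlv_view *out)
{
    if (*off > msg_len || msg_len - *off < 3) return 0;
    out->type = msg[*off];
    out->len  = (uint16_t)(msg[*off + 1] | (msg[*off + 2] << 8));
    if (msg_len - *off - 3 < (size_t)out->len) return 0;   /* value truncated */
    out->val = msg + *off + 3;
    *off += 3u + out->len;
    return 1;
}

/* VULNERABLE: the message is checked for self-consistency, but the TLV's own
 * length is trusted when copying into the FIELD_MAX-byte field, so a longer
 * value writes past the field into whatever the heap placed after it.
 * Returns the number of TLVs handled, or -1 for a malformed message. */
static int handle_vuln(const uint8_t *msg, size_t msg_len, uint8_t *field)
{
    size_t off = 0; int n = 0; struct tlv_view t;
    while (off < msg_len) {
        if (!next_tlv(msg, msg_len, &off, &t)) return -1;
        if (t.type == TLV_NUMBER) memcpy(field, t.val, t.len); /* no bound on t.len */
        n++;
    }
    return n;
}

/* HARDENED: same loop, but a TLV longer than its destination is rejected. */
static int handle_safe(const uint8_t *msg, size_t msg_len, uint8_t *field)
{
    size_t off = 0; int n = 0; struct tlv_view t;
    while (off < msg_len) {
        if (!next_tlv(msg, msg_len, &off, &t)) return -1;
        if (t.type == TLV_NUMBER) {
            if (t.len > FIELD_MAX) return -1;            /* length exceeds field */
            memcpy(field, t.val, t.len);
        }
        n++;
    }
    return n;
}

/* Build a message holding one TLV_NUMBER TLV whose value is val_len 'A's. */
static size_t build_msg(uint8_t *out, size_t out_cap, uint16_t val_len)
{
    if (out_cap < 3u + val_len) return 0;
    out[0] = TLV_NUMBER;
    out[1] = (uint8_t)(val_len & 0xff);
    out[2] = (uint8_t)(val_len >> 8);
    memset(out + 3, 'A', val_len);
    return 3u + val_len;
}

/* Feed one handler a message with a val_len-byte value. The chunk is
 * over-allocated by 4 bytes holding a sentinel that stands in for the next
 * heap object, so the demo stays inside its own allocation. Returns 1 if the
 * sentinel survived, 0 if it was overwritten, -1 if the handler refused. */
static int run_demo(handler_fn handler, uint16_t val_len)
{
    static const uint8_t sentinel[4] = { 0xde, 0xad, 0xbe, 0xef };
    uint8_t msg[64];
    size_t msg_len = build_msg(msg, sizeof msg, val_len);
    uint8_t *chunk = calloc(1, FIELD_MAX + sizeof sentinel);
    if (!msg_len || !chunk) { free(chunk); return -1; }
    memcpy(chunk + FIELD_MAX, sentinel, sizeof sentinel);
    int rc = handler(msg, msg_len, chunk);
    int intact = memcmp(chunk + FIELD_MAX, sentinel, sizeof sentinel) == 0;
    free(chunk);
    return rc < 0 ? -1 : intact;
}

/* A TLV claiming 30 value bytes inside a 4-byte message: both handlers must
 * return -1 because next_tlv refuses to read past the end of the message. */
static int run_truncated(handler_fn handler)
{
    static const uint8_t bad[] = { TLV_NUMBER, 0x1e, 0x00, 'A' };
    uint8_t field[FIELD_MAX];
    return handler(bad, sizeof bad, field);
}

int main(void)
{
    /* 0: the 20-byte value clobbered the neighbour; -1: rejected; 1: intact */
    int ok = run_demo(handle_vuln, 20) == 0 && run_demo(handle_safe, 20) == -1
          && run_demo(handle_safe, 16) == 1 && run_truncated(handle_vuln) == -1;
    return ok ? 0 : 1;
}
```

The demo over-allocates the chunk and plants a sentinel after the logical field so that the overrun lands on bytes the example controls rather than on a real heap neighbour; in a modem the same write would corrupt whatever object the allocator placed next to the field, which is what an attacker builds on to patch the modem from the application processor. Note that the vulnerable handler does validate the message as a whole (a TLV cannot claim more bytes than the message carries), which is the kind of check that passes fuzzing yet leaves the per-field bound missing.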
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense

Russia’s invasion of Ukraine increased