Qualcomm modem flaw puts millions of Android users at risk

Vulnerability found in the chipmaker's Mobile Station Modem could allow hackers to listen to user conversations, although Qualcomm has downplayed the threat


Check Point security researchers have found a vulnerability in Qualcomm's modem software that can be exploited to take control of Android devices.

The vulnerability resides in the chipmaker's Mobile Station Modem (MSM), a series of systems on chips that reside on modems embedded in around 40% of smartphones on the market.

The researchers discovered a flaw that can be used to control the modem and patch it from a device's application processor. Through this, an attacker could inject malicious code into the modem from the operating system and theoretically gain access to a user's call and SMS history, as well as a way to listen to live conversations.

Check Point has so far decided against publishing the full technical details of the exploit until mobile vendors have had the opportunity to release fixes, although the company said it is working with relevant government officials and mobile vendors to assist with this process.

MSM was designed for high-end smartphones and can be found in devices made by Samsung, Google, OnePlus, and Xiaomi. It supports features like 4G LTE and high definition recording and is said to be a popular target for cyber criminals.


The Android OS communicates with the MSM chip's processor via the Qualcomm MSM Interface (QMI), which also connects to software components in the MSM and other peripheral systems within the device, such as cameras and fingerprint scanners. QMI is in around 30% of all mobiles in the world, according to Check Point, but little is known about its potential to be used as an attack vector.

Check Point said the discovered vulnerability is a potential leap in mobile chip research that it hopes will allow for a much easier inspection of the modem code by security researchers. The firm has disclosed its findings to Qualcomm, which also confirmed the issue as a "high-rated" vulnerability.

However, Qualcomm has since downplayed the significance of the vulnerability. In a statement to IT Pro, a company spokesperson said: "Providing technologies that support robust security and privacy is a priority for Qualcomm. We commend the security researchers from Check Point for using industry-standard coordinated disclosure practices.

"Qualcomm Technologies has already made fixes available to OEMs in December 2020, and we encourage end-users to update their devices as patches become available," the spokesperson added, suggesting that many fixes will have already been delivered by manufacturers over the past six months.

There also does not appear to be any evidence that the flaw has been exploited in the wild.

To secure a device, Check Point recommends following mobile-specific best practices, such as updating to the latest version of Android, only downloading apps from official stores, enabling a 'remote wipe' capability and installing a security service on the device.
