Qualcomm Chip Bug

A new Qualcomm chip bug discovered by cybersecurity researchers may allow hackers to spy on Android devices. The vulnerability in Qualcomm’s mobile station modems (MSM) might help bad actors slip malicious code into mobile phones, undetected.

According to Check Point, an Israeli cybersecurity firm, the vulnerability can allow attackers to use the Android OS as an entry point to inject malicious and invisible code into smartphones, thus granting access to SMS messages and the audio of phone conversations.

The vulnerability is being tracked as CVE-2020-11292 and is present in the QMI voice service API exposed by the modem to the high-level operating system. A malicious app can exploit it to hide its activities underneath the OS in the modem chip, where it remains invisible and is difficult for the security protections built into the device to detect.

Mobile phones have been using Qualcomm MSM chips since the 1990s. The chip enables mobile phones to connect to cellular networks, and Android communicates with the chip’s processor via the Qualcomm MSM Interface (QMI). This proprietary protocol enables communication between the software components in the MSM and other peripheral subsystems on the device, such as cameras and fingerprint scanners.

According to Counterpoint Research, 40% of phones use a Qualcomm MSM chip, including phones from companies such as Google, Samsung, LG, Xiaomi, and OnePlus, while around 30% of devices come with QMI in them.

The researchers said: “An attacker could have used this vulnerability to inject malicious code into the modem from Android, giving them access to the device user’s call history and SMS, as well as the ability to listen to the device user’s conversations. A hacker can also exploit the vulnerability to unlock the device’s SIM, thereby overcoming the limitations imposed by service providers on it.”

The issue was reported to Qualcomm on Oct 8, 2020, by Qualcomm, after which the company notified the relevant mobile vendors.