Security experts from Check Point Research have discovered a serious vulnerability in Qualcomm modems that
What does it mean
Vulnerability SMU-2020–11292 affects Mobile modemsStation Modern. These are systems-on-a-chip developed by the company that are used for voice calls and SMS. The bug also uses the Qualcomm MSM Interface (QMI), a protocol that allows software components of the modem and other subsystems to communicate with each other.
QMI is used on about 30% of gadgetsfrom Android all over the world. Theoretically, hackers can attack any of these devices, but the user needs to install a special application with the Trojan. Once launched, the malicious code will hide in the modem chip and will not be visible, and hackers will be able to listen to calls, read SMS and perform other actions remotely.
What to do
Qualcomm said they are aware of this problemand a fix has already been released. But patches may not spread as quickly as we would like, because gadget manufacturers still have to implement them into their firmware.
"Providing technologies that supportRobust security and privacy is a priority for Qualcomm. We thank the security researchers at Check Point for their use of standard coordinated disclosure techniques. Qualcomm Technologies has already provided all required patches to OEMs in December 2020, and we encourage end users to update their devices as new patches become available,” Qualcomm said in a statement.