Researchers from Check Point have discovered more than 400 vulnerabilities in Qualcomm Snapdragon chips, which are installed on approximately 40% of smartphones in the world.
Using these vulnerabilities, attackers can:
- turn your Android smartphone into a spy tool and get access to all the information available on the device (photos, videos, call recordings, real-time microphone sound, GPS data, location data, etc.);
- hide the activity of malware and other malicious code, making it virtually unremovable;
- force the device to stop responding to commands, after which all information stored on this phone will become inaccessible.
Check Point presented its report at DefCon 2020. Experts say the problems were found in the digital signal processor (DSP), which can be found in almost every Android smartphone in the world, including devices from Google, Samsung, LG, Xiaomi, OnePlus and other vendors.
“DSP vulnerabilities are a great opportunity for hackers. These chips are a new attack surface and a weak point for mobile devices. The point is that DSPs are more vulnerable, since they are controlled like ‘black boxes’. That is, it is extremely difficult for everyone except the manufacturer to test their functionality and code,” write Check Point experts.
Check Point used modern testing technologies, including fuzzing, to gain insight into the internals of the DSP.
Researchers have already passed information on their findings to Qualcomm, and the chipmaker has acknowledged the vulnerabilities and notified the relevant vendors of the problems.
The vulnerabilities were identified as CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208, and CVE-2020-11209.
So far, Check Point has decided not to publish full technical information about these vulnerabilities, so that mobile device manufacturers can deliver a comprehensive solution to the issues described. The introductory article the specialists published is intended only to draw public attention to these issues.
Qualcomm representatives have already commented on the situation and said that they have done everything to test the problem and provide OEMs with appropriate recommendations on how to fix it.
“Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to OEMs. We encourage end users to update their devices as patches become available and install applications only from trusted locations such as the Google Play Store,” Qualcomm said.
The company has no evidence that hackers exploited the discovered vulnerabilities.
Let me remind you that in December last year, Google had to fix about 40 serious vulnerabilities in Android, including 12 high-risk vulnerabilities in Qualcomm components, and ten problems in Qualcomm closed-source components, three of which were considered critical.