Security issue altered in Qualcomm mobile chip modems
By MYBRANDBOOK
Cyber security researchers have discovered a high-risk security vulnerability in Qualcomm mobile chip responsible for cellular communication in nearly 40 per cent of the high-end phones offered by Google, Samsung, LG, Xiaomi and OnePlus.
According to CheckPoint Research, if exploited, the vulnerability in Qualcomm mobile station modem (MSM) would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations. Vulnerability also could have potentially allowed an attacker to unlock a mobile device's SIM.
Qualcomm has confirmed the bug and fixed the issue and mobile players are notified. The chip-maker classified the high-rated vulnerability as CVE-2020-11292, notifying the relevant device vendors. Qualcomm provides a wide variety of chips that are embedded into devices that make up over 40 per cent of the mobile phone market.
According to Counterpoint Research, Qualcomm's Mobile Station Modem is a system of chips that provides capabilities for things like voice, SMS, and high-definition recording, mostly on higher-end devices.
The Check Point team found that if a security researcher wanted to implement a modem debugger to explore the latest 5G code, the easiest way to do that is to exploit MSM data services through QMI so could a cybercriminal, of course.
In a blog post they said, "During our investigation, we discovered a vulnerability in a modem data service that can be used to control the modem and dynamically patch it from the application processor. This means an attacker could have used this vulnerability to inject malicious code into the modem from Android, giving them access to the device user's call history and SMS, as well as the ability to listen to the device user's conversations.”
A hacker can also exploit the vulnerability to unlock the device's SIM, thereby overcoming the limitations imposed by service providers on it.
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
TAC SECURITY SOLUTIONS
QUICK HEAL TECHNOLOGIES PVT. Ltd.
TEJAS NETWORKS INDIA PVT. LTD.
AGGRESSIVE ELECTRONICS MANUFACTURING SERVICES PVT. LTD.
Technology Icons Of India 2023: Bhavish Aggarwal
Ola CEO Bhavish Aggarwal had formed Ola-India’s largest mobility pla...
Technology Icons Of India 2023: Harsh Jain
Harsh Jain is an Indian Entrepreneur, the co-founder and CEO of the In...
Technology Icons Of India 2023: Josh Foulger
Josh is the Country Head of India and MD of Bharat FIH Ltd (A Foxconn ...
DRDO is India's largest and most diverse research organisation
DRDO is the R&D wing of Ministry of Defence, Govt of India, with a vis...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
ITI Limited widening its focus area
ITI Limited is a public sector undertaking company, has manufacturing ...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...
BEETEL TELETECH LTD.
: Beetel is one of the oldest and most reputed brands in the Industry,...
REDINGTON INDIA LIMITED
Redington (India) Limited operates in the IT product distribution busi...