A vulnerability detected in a component of Qualcomm's modems has put about 30% of Android phones on the market at risk, according to The Record. The vulnerability, published in a Check Point report and acknowledged by Qualcomm, would allow cybercriminals to patch the modem to inject malicious code, thus obtaining access to the user's call and SMS history.
Check Point also states that, by taking advantage of this vulnerability, an attacker could listen to users' conversations and unlock the SIM card. Qualcomm, in response to the security firm, says it has already submitted a patch to fix the problem, but it is up to the manufacturers whether to apply it.
Almost one in three Android phones affected by this vulnerability
Israeli cybersecurity firm Check Point has discovered a vulnerability, tracked as CVE-2020-11292, that affects approximately 30% of Android phones in the world. The issue stems from the QMI protocol of Qualcomm modems, which are included in the company's mobile processors. QMI is Qualcomm's proprietary protocol that allows the modem to communicate with other subsystems wirelessly.
"An attacker can use this vulnerability to inject malicious code into the modem from Android. This gives the attacker access to the user's call and SMS history, as well as the ability to listen to conversations. An attacker can exploit this vulnerability to unlock as well, thus bypassing the limitations of service providers imposed on the mobile device." Check Point.
The services exposed through this protocol include voice services, SMS messaging, network access, SIM data administration and others. Thus, if the protocol's security is breached, malicious code can be injected to access that data.
The patch to solve this error has already been sent to Android manufacturers, but it is up to them to send the update or not
Qualcomm, in response to the researchers' report, told Check Point that a patch was released in December 2019 to fix this issue, but that it is the Android manufacturers who must apply it.
In other words, if the manufacturer does not apply the security patch, the device is unprotected. The latest data on Android version distribution shows great fragmentation, since many phones are left without updates and unprotected against this type of threat. At Engadget Mobile, we have contacted Qualcomm to try to expand on this information.