Samsung smartphones are protected against Qualcomm severe chip vulnerability


According to a security research company, Check Point, there is a vulnerability in Qualcomm’s 5G modem chip. According to the research agency, this vulnerability will affect about 30% of Android smartphones globally. The discovery of this vulnerability dates back to December last year. It may allow hackers to remotely attack Android users by injecting malicious code into the phone’s modem, gain the ability to execute code, access mobile users’ call records and text messages, and eavesdrop on calls. According to reports, this vulnerability affects Google Pixel, LG smartphones, OnePlus, Samsung Galaxy series, and Xiaomi devices. Fortunately, Samsung’s May 2021 security update has resolved this Qualcomm security vulnerability. Earlier today, Samsung updated its security bulletin with the latest patch to confirm this.

Qualcomm 5G chip samsung

Previously, Samsung’s May 2021 security patch update log did not mention Qualcomm’s “CVE-2020-11292” vulnerability. Today Samsung updated this page to include new information about the vulnerability. It is worth mentioning that Samsung also mentioned in its May 2021 security patch announcement that the company has been patching the vulnerability since January 2021.

Gizchina News of the week

The company did not disclose the Galaxy devices that have this update before May. However, the fix is ​​now part of the latest security patch. This update is already available for low-end to high-end Samsung Galaxy smartphones.

Qualcomm’s chip vulnerability

According to Check Point Research, the vulnerability (CVE-2020-11292) exists in Qualcomm’s mobile station modem (MSM) interface, called QMI. MSM is a system on chip (SoC) from  Qualcomm. QMI is a proprietary protocol for communication between software components in the modem and other peripheral subsystems.

Read Also:  Snapdragon 8 Gen 2 Vs A16 Bionic SoC performance - Who takes the crown?

The impact of this vulnerability may be far-reaching. MSM has been in mobile devices since the 2G era. According to Check Point data, QMI is used in about 30% of mobile phones worldwide.

A Check Point spokesperson said, “assuming a malicious application is running on a mobile phone, it can use this vulnerability to hide in the modem chip, making it invisible to all current security measures on mobile phones”.

Fortunately, Qualcomm already has a fix, but the rollout of the patch will be slow. According to Qualcomm, it has notified all Android vendors. However, the company does not know which of these vendors eventually released the patch to their users.

This is not the first time that Qualcomm’s chips will be having serious defects. For example, Check Point disclosed six serious flaws in Qualcomm’s Snapdragon mobile chipset at DEF CON last year. This vulnerability exposed about 40% of Android smartphones to denial of service and other attacks.

Source/VIA :
Previous Apple Vs Epic: Microsoft testifies in support of Epic
Next Honor 50 / Huawei nova 9 rear camera design leaks in a blurry image