Kryptowire is a provider of cloud-based mobile security and privacy solutions. The company is constantly monitoring possible security flaws and privacy issues on smartphones, PCs, and other devices. Now, the company has found serious security and privacy vulnerability. It affects a plethora of mobile devices featuring chips from the Chinese maker Unisoc. A few years ago, that wouldn’t mean much for the big part of Android users. However, Unisoc has been growing exponentially thanks to partnerships with companies like Realme, Oppo, Xiaomi, Nokia, and more. The company is set to occupy an important space in the budget segment market. However, let’s see if the flaw will affect its reputation.
Unisoc chips suffer from a serious breach
According to the report, the chipset has a flat that, if exploited, allows hackers to get their hands on user data and the functionality of the device. It’s affecting smartphones with the UNISOC SC9863A chipset. It’s present on several smartphones, including a myriad of recent Nokia and Realme smartphones. According to Kryptowire, the issue may allow attackers to gain access to call and system records, text messages, contacts, and other private data. They can also video record the device’s screen or utilize the external-facing camera to capture video, or even remotely operate the device, modifying or erasing the data.
Kryptowire reports the problem to the Chinese chipmaker. It also sent alerts to device manufacturers using the affected chipset as well as to carriers. The alerts were issued in December last year. We expect Unisoc to fix this issue, or simply, discontinue the Unisoc SC9863A, after all, it’s relatively old. However, the company can also use the report to check other chipsets in its portfolio. The big question now is whether OEMs will be able to patch the vulnerability. It will probably need system updates, and this isn’t a very trivial thing on super-budget smartphones. As far as Nokia is concerned, we assume a fix will arrive soon for the affected devices. After all, the company still does a decent job of updating its smartphones.
Security and Privacy flaws are something that can happen with any chipset maker. The situation is quite delicate for Unisoc. After all, the company is trying to become a relevant chipset maker for domestic and foreign mobile device makers. It has been experiencing significant growth in recent years.
Kryptowire’s, Chief Technical Officer, left the following statement to comment on the situation:
“In an increasingly competitive mobile device market, it’s imperative that device manufacturers establish and maintain trust among carriers and end users. Kryptowire’s core technology, which provides rapid, automatic vulnerability scanning without intrusion into end user data, helps stakeholders find and remediate critical security and privacy gaps faster and more efficiently, increasing confidence in the face of complex security challenges.”