Offshore Costa Rica Club

Full Version: Qualcomm MSM Vulnerability That Could Give Access to SMS, Conversations
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Qualcomm MSM Vulnerability That Could Give Access to SMS, Conversations, More Revealed; Fixes Reportedly Shared With OEMs

[Image: Check_point_qualcomm_1620375374511.jpg?d...ormat=webp]

Qualcomm said in a statement that fixes were shared with OEMs in December 2020.

Qualcomm's Mobile Station Modems (MSM) had a vulnerability that could have allowed attackers to access a user's SMS, audio of phone conversations, and more. The vulnerability was discovered by research firm Check Point Research and it found over 400 vulnerabilities on Qualcomm's Snapdragon Digital Signal Processor (DSP) chip in August last year. With a vast number of Android phones using Qualcomm SoCs, this would have put a mind boggling number of users' data at risk. Qualcomm has reportedly released a patch, and Check Point Research also worked with relevant government officials as well as mobile vendors to make smartphones safer.

MSM, Check Point Research explains in a blog post, is a series of chips embedded in mobile devices and supports advanced features like 5G, 4G LTE, as well as high definition recording. It has been present in high-end phones since early 1990s. Android phones have a proprietary protocol called Qualcomm MSM Interface (QMI) that allows software components in the MSM to communicate with the cameras, fingerprint scanners, and other subsystems. Check Point Research found a vulnerability that could allow attackers to control the modem and inject malicious code into the modem from Android devices.

This would give attackers access to the user's call history and SMS records, as well as the ability to listen in on the user's conversations. It can also be used to unlock the SIM and bypass the limitations set by service providers. Check Point Research says that according to Counterpoint, QMI is present on around 30 percent of all mobile phones in the world. The vulnerability has been detailed in Check Point's blog.

Read More : pg slot