Home > Android/Apps > Samsung phones already protected against modem vulnerability that lets hackers listen to your calls

Samsung phones already protected against modem vulnerability that lets hackers listen to your calls


Google and other Android manufacturers try to keep on top of the hardware and software security, at varying degrees of intensity. But a vulnerability in widely-used Qualcomm SoCs disclosed by Check Point Research today was particularly alarming. It could theoretically allow a malicious app to patch the software for Qualcomm’s MSM modem chips, giving it access to call and text history or even the ability to record conversations. Thankfully, most Samsung phones have already received a patch fixing the problem, and the rest is in for an update next month.

Check Point’s breakdown of the issue is extremely technical. But to put it in layman’s terms, vulnerabilities were found in the connections between the Qualcomm Modem Interface (QMI) software layer of the modem and the debugger service, allowing it to dynamically patch the software and bypass the usual security mechanisms. Standard third-party apps don’t have security privileges to access to QMI, but if more critical aspects of Android were compromised, this attack could be used.

With the vulnerabilities they found, the researchers determined that a malicious app could listen in to and record an active phone call, get call and SMS records, or even unlock a SIM card. Check Point estimates that the QMI software it discovered as vulnerable is present in approximately 40% of smartphones, from vendors including Samsung, Google, LG, OnePlus, Xiaomi, and more.

Samsung was quick to issue a statement on the issue itself, saying that “While a number of Samsung devices have already been patched starting in January of 2021, most Samsung devices with an Android Security Patch Level of May 1, 2021 or later, will be considered protected from the disclosed vulnerability.” The company encourages owners to install patches as soon as they’re available.

While the methods for this attack were described in broad terms, specific necessary information was withheld from the report in order to prevent anyone from easily duplicating the process. As of now, there’s no indication that this method of attack is actually being used “in the wild.”

Qualcomm has been aware of this issue since CPR disclosed it to it in October of last year, and has confirmed it as a high-rated vulnerability, passing it along to Android manufacturers that use its modems. At the time of writing the vulnerability has not been fixed, but presumably both Qualcomm and Google are working on incorporating a solution into a future security patch.

Source link

Hi guys, this is Kimmy, I started LicensetoBlog to help you with the latest updated news about the world with daily updates from all leading news sources. Beside, I love to write about several niches like health, business, finance, travel, automation, parenting and about other useful topics to keep you find the the original information on any particular topic. Hope you will find LicensetoBlog helpful in various ways. Keep blogging and help us grow as a community for internet lovers.