Check Point Researchers (Cpr) have found and announced a vulnerability in Qualcomm’s 4G and 5G modems (Msm), the chip that manages the telecommunications of almost 40% of smartphones in the world. “If exploited, the vulnerability would allow an attacker to inject malicious code into modems from Android itself, granting access to the user’s call history and SMS messages, as well as the audio of the user’s telephone conversations, without the victim being notice it, “say the division threat intelligence experts at Check Point Software Technologies.
Furthermore, “the flaw would allow the unlocking of the Sim of a device, thus overcoming the limitations imposed by service providers, “they warn. The researchers stress that” most of the efforts of both cybercriminals and security researchers attempt to exploit cellular network-side communication. However, CPR’s latest research focused on the second interface, ultimately proving that an attacker could use the Android OS side as an entry point into the MSM “.
If exploited, the flaw found by CPR “can allow any malicious app to hide its traces inside modem chips, making itself completely invisible to the Android operating system and any security measures it has. In other words, if we assume that a phone is infected with an app, it can use the vulnerability to ‘hide’ much of its activity ‘under’ the operating system. Cpr reports that it “disclosed its research results to Qualcomm, which confirmed the problem, notified the mobile vendors and produced the following classification: Cve-2020-11292.
Yaniv Balmas, Head of Cyber Research at Check Point Software Technologies, points out that “Cell phone modem chips are often tempting to cybercriminals,” especially those of Qualcomm. An attack on Qualcomm modem chips has the potential to compromise hundreds of millions of smartphones around the world. Despite this, few realize how vulnerable they are these chips due to the inherent design difficulty related to access and inspection. ”
“Our analysis shows that there is a dangerous vulnerability in these chips, revealing how an attacker could use Android itself to inject malicious code into smartphones without being detected,” adds Balmas.
“I believe our latest research is a huge step forward in mobile chip research, as verifying the modem code has always been difficult for security researchers. Moving forward, our research hopes to facilitate research to help Qualcomm and other vendors create better and safer chips, helping us promote better online security and protection for all. My main advice for Android users is to update their mobile device to the latest operating system, “finally warns the Cyber Research Manager of Check Point Software Technologies.