A serious security vulnerability found in Qualcomm’s Mobile Station Modem (MSM) could allow bad actors to access mobile phone users’ text messages, call history and listen in on their conversations. The security problem introduces a potential backdoor into a third of all the world’s mobile phones including high end Android phones made by Samsung, Google, Google, OnePlus, LG and Xiaomi.
A report by security firm Check Point Research said it had found and reported about 400 vulnerabilities on Qualcomm’s Snapdragon Digital Signal Processor (DSP) subsystem last year which Qualcomm patched in November 2000.
More recently, researchers have discovered another vulnerability, this time in Qualcomm’s Mobile Station Modem “that can be used to control the modem and dynamically patch it from the application processor.”
“An attacker can use such a vulnerability to inject malicious code into the modem from Android. This gives the attacker access to the user’s call history and SMS, as well as the ability to listen to the user’s conversations,” Check Point’s Slava Makkaveev said in a blog post.
“A hacker can exploit the vulnerability to unlock the SIM, thereby overcoming the limitations of the service providers imposed on the mobile device,” he further added.
According to Qualcomm, all manufacturers were informed about the vulnerability in October 2020, and fixes were released and made available by December 2020, so many manufacturers have already issued security updates to end users.
If you are unsure or need assistance with updating your android device, please contact Tech TroubleShooters for assistance.