The Check Point security firm found 400 code vulnerabilities on Qualcomm's Snapdragon digital signal processor (DSP) chip, used in more than 40% of Android smartphones worldwide.
A hacker would only have to persuade a target to download a simple, innocuous application without any permissions in order to exploit the flaws.
Check Point's Yaniv Balmas said affected devices could be hijacked to spy on and track users, install malware, and even prevent the device from being fixed.
He added that hundreds of millions of phones are at risk even though Qualcomm has fixed the issues, and mitigating all the flaws will take months, possibly years.
Balmas said DSP vulnerabilities are especially serious because the chips are managed as "Black Boxes," and a review of their design, functionality, or code by anyone but Qualcomm is extremely difficult.
From Computer Weekly
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found