Security Expert Re: Qualcomm Vulnerability Affects 40% Of Mobile Phones

By   ISBuzz Team
Writer , Information Security Buzz | May 10, 2021 01:40 am PST

Researchers identified a high severity security vulnerability found in Qualcomm’s Mobile Station Modem (MSM) chips, (including the latest 5G-capable versions), that could enable attackers to access mobile phone users’ text messages, call history, and listen in on their conversations.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Shachar Menashe
Shachar Menashe , VP Security
May 10, 2021 9:41 am

<p>This newest security issue with Qualcomm highlights the importance of thorough security vetting pre and post-deployment. In this case, it seems we are dealing with a privilege escalation vulnerability, which means it lets potential attackers run code on the Qualcomm modem if you already have high privileges on the Android application layer.  Last fall, Vdoo <a href=\"\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"\"> disclosed a Qualcomm</a> vulnerability of a similar type – issues in QCMAP, which is part of QMI, the subject of the current vulnerability —  indicating that more vulnerabilities could be found in the QMI interface, and should be thoroughly checked.   Automated analysis can help identify zero-day vulnerabilities and configuration risks, even in closed-source components. Manufacturers need to trust that their third party components are secure, especially when these systems are used in nearly 40% of the mobile phones sold today.</p>

Last edited 2 years ago by Shachar Menashe

Recent Posts

Would love your thoughts, please comment.x