Snapdragon Chips Are Vulnerable to Several Attacks
Qualcomm has been the largest supplier of mobile chips to more than a billion Android OEMs. Their chips are incorporated in more than 90% of US devices and have a share of more than 40% in world smartphones. Well, this makes Apple devices safer. As per Check Point’s report, the vulnerabilities tracked as CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208, and CVE-2020-11209 can be exploited by attackers to track users. The issue is more specifically vested in one of the components of Snapdragon chips, known as Digital Signals Processor (DSP), which is used for digital image and signal processing like telecommunications between other components. The hack can start with a malicious file being downloaded from an unknown source, or even downloading a multimedia content received by others. This can trigger any of the above-said vulnerabilities to let the attacker;
Plant malware or other malicious code that’s completely hidden and becomes un-removable. Can make the mobile constantly unresponsive, thereby making the content stored in that device unavailable. Can use the mobile as a spy tool. This doesn’t need any user interaction but gives the ability to exfiltrate data like photos, videos, call-recording, real-time microphone data and location data to the hacker.
Patch Available, But Takes Time
Upon reporting to Qualcomm, the maker has made a patch for these vulnerabilities in DSP, but it takes a long time to reach the end-user devices. Since Snapdragon chips are used by over a billion smartphones now, it takes time for all OEMs to push this patch as an update to all users.