It hasn’t been a great time for Qualcomm today after security researchers shared details about as many as 400 vulnerabilities that could potentially put a huge number of Android devices at risk.
According to reports, those who want to take advantage of the exploits could theoretically do so by having a user download a video or app, with no specific access or permissions needed. Once the exploits have been activated, an attacker could monitor audio, retrieve data, and more. Location data is also made available.
Security firm Check Point shared details about the new vulnerabilities, with Qualcomm having already issued a fix that can be used by impacted devices. However, so far, neither Android nor software shared by device makers, have implemented it. That could put a huge number of devices, all running Qualcomm Snapdragon chips, at risk.
Check Point hasn’t shared technical details about the vulnerabilities so as to avoid the chance that they will be exploited in the wild, although that might still be happening.
In a statement, Qualcomm said that users should only install apps from trusted locations and make sure their devices are updated.
Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to OEMs. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.
While installing apps via the Google Play Store is a good idea, it isn’t unheard of for malware and other malicious apps to find their way into the store undetected. Users are now left waiting for Google and OEMs to get Qualcomm’s software fix into the wild.
(Source: Ars Technica)
You may also like to check out:
- Download iOS 14 Beta 1 IPSW Links And Install On iPhone 11, Pro, XS Max, X, XR, 8, 7, Plus, 6s, iPad, iPod [Tutorial]
- iOS 14 Beta 4 Download Release Date: Here’s When To Expect
- Download: iOS 14 Beta 4 IPSW Links, iPadOS 14 Beta 4 Released
- iOS 14 Beta 4 OTA Profile File Download Released Without Dev Account, Here’s How To Get It
- Jailbreak iOS 13.6 Using Checkra1n, Here’s How [Video Tutorial]
- Jailbreak iOS 13.5 On iPhone 11, Pro Max, SE, iPad Pro, More Using Unc0ver 5.0.0 [Tutorial]
- Download: iOS 13.6 Final IPSW Links, OTA Update Released For iPhone And iPad
- Jailbreak iOS 13.5 Without Or No Computer, Here’s How
- Apple Watch ECG App Hack: Enable Outside US In Unsupported Country On Series 5 & 4 Without Jailbreak