Sign In

Communications of the ACM

ACM TechNews

Qualcomm Chip Vulnerability Puts Millions of Phones at Risk


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook
A smartphone and its apps.

The Check Point security firm found 400 code vulnerabilities on Qualcomm's Snapdragon digital signal processor chip, used in more than 40% of Android smartphones worldwide.

Credit: ttgtmedia.com

The Check Point security firm found 400 code vulnerabilities on Qualcomm's Snapdragon digital signal processor (DSP) chip, used in more than 40% of Android smartphones worldwide.

A hacker would only have to persuade a target to download a simple, innocuous application without any permissions in order to exploit the flaws.

Check Point's Yaniv Balmas said affected devices could be hijacked to spy on and track users, install malware, and even prevent the device from being fixed.

He added that hundreds of millions of phones are at risk even though Qualcomm has fixed the issues, and mitigating all the flaws will take months, possibly years.

Balmas said DSP vulnerabilities are especially serious because the chips are managed as "Black Boxes," and a review of their design, functionality, or code by anyone but Qualcomm is extremely difficult.

From Computer Weekly
View Full Article

 

Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA


 

No entries found