lswcap
Cyber security company CPR (Check Point Software) revealed that there is a vulnerability to the mobile station modem MSM, a smartphone chipset that provides functions such as smartphone voice and SNS developed by Qualcomm, by accessing call logs from outside through malware. Turn it off.
MSM, developed by Qualcomm, is designed for Android OS high-end models and supports advanced features such as 4G LTE and high-resolution recording. In addition, the Android terminal has its own protocol that enables communication between MSM software components and device subsystems such as cameras and fingerprint scanners through Qualcomm’s MSM interface QMI. have.
An attacker who exploits the vulnerability discovered this time will be able to use Android OS itself as a starting point to inject malicious code and access user call logs and SMS.
MSM is said to be used mainly on 5G smartphones such as Google, Samsung Electronics, Xiaomi, and OnePlus, and the number of affected terminals accounts for 30% of the world’s smartphones. Qualcomm’s CPR investigation revealed that more than 400 vulnerabilities were found in Snapdragon, a SoC for mobile devices, in August 2020, and that an attacker may have unauthorized access to location information and device media. Related information can be found here.
Add comment