Foreign media reports, network security solutions provider Check Point software technology company (NASDAQ: CHKP) announced that the Qualcomm MSM (Mobile Station Modem) chip found in the security vulnerability, about 40% of the world’s cell phones use the chip for action communications; attackers can use this vulnerability will Android operating system Attackers can use this vulnerability to use the Android operating system as a portal to install malicious code or invisible viruses in the phone to access text messages and call files.
Check Point said the Qualcomm embedded chip is used in high-end cell phones including Google, Samsung, LG, Xiaomi and OnePlus. The new vulnerability is located on the Qualcomm MSM chip, a series of embedded in the phone’s SoC (system-on-a-chip), supporting 4G LTE and high quality video recording and other advanced features, there is also a 5G version. As hackers have been constantly trying to attack mobile devices from the remote end, such as sending SMS or carefully designed radio packets to communicate with the device and seize control, so the MSM chip has been the focus of information security research and cyber criminals.
Check Point also said that the Android system is also able to communicate with the MSM chip processor through Qualcomm’s QMI (Qualcomm MSM Interface). Hackers can use the vulnerability to unlock the phone’s SIM card and unlock the telecom provider’s settings. However, Check Point Research said that after discovering the vulnerability, it immediately disclosed the findings to Qualcomm, which confirmed it as a high-risk vulnerability and notified the relevant vendors and informed them of the vulnerability number CVE-2020-11292.
Check Point’s recommendations for businesses and cell phone users are as follows
- Update mobile devices to the latest version to prevent exploitation of the vulnerability.
Install only apps downloaded from official app stores to reduce the likelihood of downloading and installing mobile malware.
- Enable the Remote Wipe function on all mobile devices to minimize the risk of sensitive data loss.
- Install security solutions on mobile devices.
Recent Comments