Security researchers from Tencent’s Blade Team released a notice that the Qualcomm chipset exposes millions of android smartphones to hackers.
Any user with a tablet or phone that uses this cpu is effected by the flaw called QualPwn. The bug allows attackers to take control of the phones remotely by crafting special packets that are sent over the air.
Three bugs make up QualPwn (CVE-2019-10539, CVE-2019-10540 and CVE-2019-10538). The prerequisite for the attack is that both the attacker and targeted Android device must be active on the same shared Wi-Fi network.
“One of the vulnerabilities allows attackers to compromise the WLAN and modem, over-the-air. The other allows attackers to compromise the Android kernel from the WLAN chip. The full exploit chain allows attackers to compromise the Android kernel over-the-air in some circumstances,” wrote researchers.
Blade.tencent.com stated “QualPwn is a series of vulnerabilities discovered in Qualcomm chips. One of the vulnerabilities allows attackers to compromise the WLAN and Modem over-the-air. The other allows attackers to compromise the Android Kernel from the WLAN chip. The full exploit chain allows attackers to compromise the Android Kernel over-the-air in some circumstance. These vulnerabilities were discovered by Tencent Blade Team. We will share what we found about QualPwn in BlackHat USA 2019 and DEFCON 27.”
Is there a workaround/fix?
We have reported all the details of the vulnerabilities to Google and Qualcomm who are have issued fixes. Qualcomm released a security bulletin to OEMs on 2019-6-03 describing the issues and requesting the OEMs to download and incorporate appropriate patches. Please check the security bulletin of Google and Qualcomm for further information and update.
Android security bulletin: https://source.android.com/security/bulletin/2019-08-01
Qualcomm security bulletin: https://www.qualcomm.com/company/product-security/bulletins
- Barracuda urges customers to replace Email Security Gateway
- Zero-day vulnerability in the MOVEit file transfer application
- Critical Jetpack Plugin Flaw Addressed in Urgent WordPress Update for Millions of Sites
- Vulnerability With Arris Routers
- Is Your Microsoft Exchange Server Vulnerable to ProxyNotShell Flaw?