Checkpoint targets the Achilles heel of Android smartphones

Qualcomm  w630 - Checkpoint targets the Achilles heel of Android smartphones

DSP (Digital Signal Processing) chips are devices present in many computer devices and used to process a complex signal in an optimized way. These chips are used in particular in modems, GPS receivers but also in telephones. Checkpoint researchers have chosen to focus in particular on one of these chips marketed by Qualcomm and integrated within the SoC (System on a Chip) Snapdragon.

In a presentation given on the occasion of Defcon and followed by a blog post, the researchers at CheckPoint explain having discovered a large number of vulnerabilities affecting this component, which they describe as "a complete computer on a chip", with software and hardware features. According to them, the chip studied by CheckPoint researchers equips 40% of mobile devices running Android, which includes phones sold by the main players in the market.

The Checkpoint research team explains having identified "more than 400 pieces of vulnerable code", which resulted in the attribution of 9 CVE (CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208 and CVE-2020-11209). Common Vulnerability Exposure (CVE) is a tool used by the security industry to identify security vulnerabilities using a unique identifier. This set of flaws, called “Achilles” by Checkpoint researchers in reference to the Achilles heel, could be used for different effects: to conceal the presence of malicious code, to render the targeted device inoperative or to spy on communications on the target device.

While waiting for the patches

In a presentation given at the conference, DefCon, Checkpoint researcher Slava Makkaveev, gave a demonstration of how these vulnerabilities work, which allows him to take control of a phone from a simple application running. by the user. The presentation gives a little more technical details on the flaws, in particular the vulnerabilities discovered in the Hexagon SDK offered by Qualcomm to manufacturers to exploit the functionalities of the DSP chip.

Qualcomm has been made aware of the flaws in question and communicated on the matter through one of its spokespersons, as quoted by CNET.com: “We worked with researchers to validate the problem and make the appropriate protections available. We encourage end users to update their devices as patches become available and only install apps from trusted locations such as the Google Play Store. "
Checkpoint explains in its blog that details of the vulnerabilities in question have not yet been released, in order to allow time for the Android ecosystem to release the necessary fixes.

(function(d, s, id) { var js, fjs = d.getElementsByTagName(s)(0); if (d.getElementById(id)) return; js = d.createElement(s); js.id = id; js.src = "http://connect.facebook.net/fr_FR/all.js#appId=243265768935&xfbml=1"; fjs.parentNode.insertBefore(js, fjs); }(document, 'script', 'facebook-jssdk'));



Categories Tech

Leave a Comment