A security flaw has been discovered in Qualcomm’s chipsets that make it vulnerable to hackers. A report by Check Point Research says Qualcomm modems can be exploited to listen to conversations by a phone user, steal data and hide malware. Qualcomm’s Mobile Station Modem (MSM) has had a long history dating back to the 1990s, providing wireless connectivity support for mobile devices for several generations, up to 5G. The security firm Check Point Research says the MSM can be hacked remotely as easily as through an SMS.
Smartphones that are powered by Qualcomm chipsets are potential targets of hackers, according to the report. The vulnerability is higher for users without regular updates of their security patches, and regular software updates should be done. When the hackers gain access to a vulnerable device, they may be able to listen to calls, read through messages, and possibly unlock the SIM to gain access to private data for criminal purposes.
According to the security report, hackers can use this vulnerability in the modem to remotely control it and dynamically patch it from the application processor. The jacket could inject malicious code into the modem via Android, and access the smartphone user’s call history, messages, and calls.
However, an official statement from Qualcomm indicates that the security issue has already been fixed since December 2020 with the appropriate software updates. Therefore we believe that subsequent software updates since then could have further enhanced the security of the devices from attackers. There has not been any official response from Google on the flaws relating to Android, although there are rumors that the fix could be addressed shortly.（via)