Nearly one billion devices globally affected
Over 900 million Android devices containing Qualcomm chips could be open to high risk privilege escalation vulnerabilities, according to security firm, Check Point.
Nicknamed ‘Quadrooter’, four security issues have been found by Check Point, although patches for three have already been provided by Google in its latest security update, so end users that have updated their security recently should be safe from those.
The fourth patch will not be available until September according to Google, although manufacturers of the affected devices may provide patches provided by Qualcomm in the meantime.
Speaking at one of the world’s largest annual hacker conventions, Def Con, in Las Vegas on Sunday, Adam Donenfeld, senior security researcher at Check Point, stated according to the Def Con website that during the company’s research, it found, “multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems”.
Donenfeld said that while Google has made a number of changes to improve the security of Android devices following recent issues, “Qualcomm, a supplier of 80% of the chipsets in the Android ecosystem, has almost as much effect on Android’s security as Google”. That fact led Check Point to look into the security of Qualcomm’s chipsets, and it discovered four flaws.
For an attacker to gain access using the fourth flaw, a user would have to download a malicious app that would execute without the need for them to approve the usual Android permission checks, which would allow the attacker to gain root access to the device if they are successful in their quest. This would give them full access to the entire device, from hardware to software and personal user data, including the microphone and camera functions.
Check Point said devices using Qualcomm chipsets include the Google Nexus 5X, 6 and 6P, HTC One M9 and HTC 10 and Samsung’s Galaxy S7 and S7 Edge.
Qualcomm was not prepared to comment on Quadrooter and its role in the security supply chain for Android at the time of writing.
