The Achilles heel of the Snapdragon: more than 400 vulnerabilities would put your mobile at risk

Snapdragon chip flaws put >1 billion Android phones at risk of ...

Among the many manufacturers of processors for Android, Qualcomm is the most popular thanks to its Snapdragon. However, these processors are not perfect, and a study by CheckPoint has revealed that the Californian manufacturer still has much work to improve on safety issues.

In this study, CheckPoint Research has detailed more than 400 vulnerabilities found in a very specific component of Snapdragon processors, present in mobiles from Google, Samsung, Xiaomi, OnePlus, and many more.

But what is that vulnerable component and what is it for?

The Snapdragon DSP, guilty of these security problemsMobile processors are much more than a CPU and for years they have been called System on a Chip (SoC), an abbreviation that indicates that everything necessary for the operation of the mobile is there.

The DSP or P processor of S ENAL Digital is an important element in the experience of the smartphone, though not usually have a major role in the technical specifications. Their role is the one indicated by their name, and their scope corresponds mainly to audio, but they also handle other multimedia tasks. Qualcomm's DSP is so powerful that it is capable of supporting the CPU and GPU in Artificial Intelligence tasks.

Researchers warn of an Achilles' heel security flaw for Android ...

However, about security, it seems that it has aspects to improve, and it is that Checkpoint Research has announced that in a study that they have called Achilles (Achilles) they have found more than 400 vulnerabilities. The name of the study could not be more appropriate and is that the DSP Hexagon becomes the Achilles heel of the Snapdragon.

These vulnerabilities present a great risk for users, since according to the study, if this knowledge fell into the wrong hands, it could have a great impact on our experience, with these three being the greatest risks:
  1. An attacker could spy on your mobile without the need for user interaction: photos, videos, call recording, real-time microphone recording, and GPS.
  2. Make your mobile unusable constantly, making all information that requires the DSP remains unavailable.
  3. Malware could exploit this vulnerability to hide and make itself impossible to remove.
Over one BILLION Android phones may be at risk of 400 'Achilles ...

As for the vulnerabilities themselves, Checkpoint has decided not to make Qualcomm's security bugs public to give the company time to fix those bugs, providing details about the vulnerability to the company.

Post a Comment