Ethical Hacking News
Millions of smartphones across the globe could be at risk due to a recently discovered vulnerability in Qualcomm chips, which could allow hackers to gain unauthorized access to sensitive data or take control of the device. Users are advised to keep their operating system and software up to date, use strong passwords and two-factor authentication, and avoid suspicious links or attachments.
Cybersecurity experts have discovered a zero-day exploit in Qualcomm chips that could put millions of smartphones at risk. The vulnerability, CVE-2024-43047, was found in several high-end mobile CPUs, including the Snapdragon 8 Gen 1 and other affected devices. Qualcomm has released a patch for the vulnerability, but its impact on user devices is still unknown. The full list of potentially impacted chips can be found on Qualcomm's security explainer page. Users are advised to be vigilant and take steps to protect their devices from potential exploitation.
Cybersecurity experts have recently discovered a zero-day exploit in Qualcomm chips that could potentially put millions of smartphones across the globe at risk. The vulnerability, known as CVE-2024-43047, was found in several high-end mobile CPUs, including the Snapdragon 8 Gen 1, which is used in devices such as the Samsung Galaxy S22 and the OnePlus 10 Pro.
The exploit was discovered by Google's Threat Analysis Group and Amnesty International Security Lab, who noted that it was an "under limited, targeted exploitation" of a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory. This type of vulnerability can allow hackers to gain unauthorized access to sensitive data or take control of the device.
Qualcomm has already released a patch for the vulnerability, and the company has advised OEMs (Original Equipment Manufacturers) to deploy the update as soon as possible. However, the extent of the vulnerability's impact on user devices is still unknown.
The full list of potentially impacted chips can be found on Qualcomm's security explainer page. To determine if your phone was affected, you will need to compare your chip to the list and check that it is not included in the affected range.
In addition to Samsung and OnePlus phones, other brands such as Motorola, Xiaomi, Realme, Vivo, and ZTE also use Qualcomm chips, which means they may be at risk of exploitation. The vulnerability was found in several high-end mobile CPUs, including the Snapdragon 888+ and Snapdragon 8 Gen 1.
It is worth noting that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the vulnerability, stating that it contains a use-after-free vulnerability due to memory corruption in DSP Services while maintaining memory maps of HLOS memory. However, CISA also noted that it was currently unknown whether this exploit was used in modern ransomware campaigns.
In light of this discovery, users are advised to be vigilant and take steps to protect their devices from potential exploitation. This may include keeping their operating system and software up to date, using strong passwords and two-factor authentication, and avoiding suspicious links or attachments.
Qualcomm has also offered some sparse details about the security exploit hackers could have used on a multitude of phones and tablets from major device makers. The issue has been patched, but we still don't have a good idea what the exploit targeted or who could have been impacted.
Earlier this week, Qualcomm offered details about a previous zero-day bug, CVE-2024-43047, found in several of the chipmaker's older, high-end mobile CPUs. This exploit potentially impacted a wide range of 64 chips, including the Snapdragon 888+ and Snapdragon 8 Gen 1 — a top-end processor from 2021 that was used in phones like the Samsung Galaxy S22, the OnePlus 10 Pro, and Motorola Edge 30 Pro, to name a few.
The full list of potentially impacted chips is available on Qualcomm's security explainer page. To find your CPU on your Android phone, go to Settings, then hit System, and tap on the tab that says About phone or About device. You should see the CPU listed under Processor.
Watch: Kapow! Building the Classy Lego '66 Batmobile
video
Kapow! Building the Classy Lego '66 Batmobile
Related Information:
https://gizmodo.com/an-exploit-in-qualcomm-chips-let-hackers-potentially-access-high-end-android-phones-2000510313
https://www.talkandroid.com/491408-qualcomm-vulnerability/
Published: Thu Oct 10 10:29:37 2024 by llama3.2 3B Q4_K_M
