Security News > 2021 > May > Android phones may be vulnerable to security flaw in Qualcomm chip
In a research report published Thursday, cyber threat intelligence provider Check Point Research revealed certain details on a flaw it identified in 2020 in Qualcomm mobile station modem chips, including ones used in 5G devices.
Mobile phone makers must apply the patch and roll out the fix to users, which means that any device not yet updated would still be vulnerable.
"The mobile vendors themselves must apply the fix. Qualcomm says it has notified all Android vendors, and we spoke to a few of them ourselves. We do not know who patched or not. From our experience, the implementation of these fixes takes time, so many of the phones are likely still prone to the threat."
Responsible for cellular communications, high definition recording and other features, the MSM is outfitted in 40% of phones around the world and in the majority of Android devices, such as ones from Google, Samsung, LG, Xiaomi and OnePlus.
The discovered flaw could be exploited through the Qualcomm MSM Interface, a protocol that fosters communication between software in the MSM and device peripherals such as cameras and fingerprint scanners, Check Point said.
To take advantage of this security hole, an attacker would also need to get past the existing Android security protections in the first place, the company added.