
Qualcomm Snapdragon 855 modem code flaw exposed Android smartphones to possible snooping
2021-05-06 16:11

A heap overflow vulnerability in Qualcomm's Snapdragon 855 system-on-chip modem firmware, used in Android devices, could be exploited by baddies to run arbitrary code on unsuspecting users' devices, according to Check Point.

The software bug, tracked as CVE-2020-11292, can be abused to trigger a heap overflow in devices that use a Qualcomm Mobile Station Modem (MSM) chip, thanks to some in-depth jiggery-pokery in the Qualcomm MSM Interface (QMI) voice service API. "If exploited, the vulnerability would have allowed an attacker to use Android OS itself as an entry point to inject malicious and invisible code into phones, granting them access to SMS messages and audio of phone conversations," said some not-at-all-excitable researchers from Israeli security firm Check Point in a blog post today.

The vuln, with a CVSSv3 score of 7.8, was disclosed and patched in autumn last year, Qualcomm told The Register.

QMI is a Qualcomm protocol that handles communications between a mobile handset's modem and other peripheral subsystems that humans can jab, poke and wipe their dead fingerprints across.

Malicious people, in Check Point's words, could use this vulnerability "to inject malicious code into the modem from Android, giving them access to the device user's call history and SMS, as well as the ability to listen to the device user's conversations."

A Qualcomm spokesman told The Register: "We commend the security researchers from Check Point for using industry-standard coordinated disclosure practices. Qualcomm Technologies has already made fixes available to OEMs in December 2020, and we encourage end users to update their devices as patches become available."

News URL

https://go.theregister.com/feed/www.theregister.com/2021/05/06/qualcomm_snapdragon_855_heap_overflow/

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                         RISK
2021-06-09  CVE-2020-11292  Classic Buffer Overflow vulnerability in Qualcomm products  7.2

Description: Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Attack vector: local; attack complexity: low; vendor: qualcomm; weakness: CWE-120
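Both the article and the advisory entry above describe the bug class rather than the bug: a heap overflow caused by a missing length check on parameters handed to the QMI voice service. The following is an added example, not Qualcomm's or Check Point's code and not a model of the real voice-service structures. It assumes only the general QMI TLV header layout (1-byte type, 2-byte little-endian length, then the value); the message bytes, the 32-byte destination field and the status codes are constructed for the demonstration. It shows the three checks whose absence produces a CWE-120 overflow in this kind of parser: header fits in the remaining bytes, declared length fits in the remaining bytes, and declared length fits in the destination buffer.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdlib.h>
#include <stdio.h>

/* Constructed example: a bounds-checked walker for a QMI-style TLV payload.
 * The 1-byte type / 2-byte little-endian length header is the general QMI
 * layout; the payloads, field size and status codes below are made up and
 * do not reproduce any Qualcomm code. */

#define MAX_FIELD_LEN 32   /* hypothetical capacity of the heap field a value is copied into */

enum tlv_status {
    TLV_OK = 0,
    TLV_ERR_TRUNCATED_HEADER = -1,   /* fewer than 3 bytes left for type + length */
    TLV_ERR_LENGTH_EXCEEDS_MSG = -2, /* declared length runs past the end of the message */
    TLV_ERR_LENGTH_EXCEEDS_DEST = -3 /* declared length larger than the destination field */
};

struct tlv_view {
    uint8_t type;
    uint16_t len;
    const uint8_t *value;
};

/* Parse one TLV at msg[off..]. Every check a "trust the length field" parser omits is here. */
static int tlv_read(const uint8_t *msg, size_t msg_len, size_t off,
                    size_t dest_cap, struct tlv_view *out)
{
    if (off > msg_len || msg_len - off < 3)
        return TLV_ERR_TRUNCATED_HEADER;
    uint8_t type = msg[off];
    uint16_t len = (uint16_t)(msg[off + 1] | (msg[off + 2] << 8));
    /* Compare against the remaining byte count, computed by subtraction so it cannot wrap. */
    if (len > msg_len - off - 3)
        return TLV_ERR_LENGTH_EXCEEDS_MSG;
    /* The caller-controlled length must also fit the fixed-size destination. */
    if (len > dest_cap)
        return TLV_ERR_LENGTH_EXCEEDS_DEST;
    out->type = type;
    out->len = len;
    out->value = msg + off + 3;
    return TLV_OK;
}

/* Walk a whole payload, copying each value into a heap field of MAX_FIELD_LEN bytes.
 * Returns the number of TLVs accepted, or the first negative status code. */
int parse_tlv_message(const uint8_t *msg, size_t msg_len)
{
    uint8_t *field = malloc(MAX_FIELD_LEN);
    if (!field) return -100;
    size_t off = 0;
    int count = 0;
    while (off < msg_len) {
        struct tlv_view v;
        int rc = tlv_read(msg, msg_len, off, MAX_FIELD_LEN, &v);
        if (rc != TLV_OK) { free(field); return rc; }
        memcpy(field, v.value, v.len);   /* safe: tlv_read guaranteed len <= MAX_FIELD_LEN */
        off += 3 + v.len;
        count++;
    }
    free(field);
    return count;
}

/* Constructed sample payloads. */
static const uint8_t GOOD_MSG[] = {
    0x01, 0x02, 0x00, 0xAA, 0xBB,            /* type 1, length 2 */
    0x10, 0x04, 0x00, 0x01, 0x02, 0x03, 0x04 /* type 0x10, length 4 */
};
/* Length field claims 0x0200 (512) bytes but only 2 follow: the unvalidated-length case. */
static const uint8_t OVERSIZED_MSG[] = { 0x01, 0x00, 0x02, 0xAA, 0xBB };
/* Second header is cut off after two bytes. */
static const uint8_t TRUNCATED_MSG[] = { 0x01, 0x02, 0x00, 0xAA, 0xBB, 0x05, 0x00 };
/* Length 40 is consistent with the message but exceeds the 32-byte destination. */
static uint8_t too_big_for_dest[3 + 40];

int example_good(void)      { return parse_tlv_message(GOOD_MSG, sizeof GOOD_MSG); }
int example_oversized(void) { return parse_tlv_message(OVERSIZED_MSG, sizeof OVERSIZED_MSG); }
int example_truncated(void) { return parse_tlv_message(TRUNCATED_MSG, sizeof TRUNCATED_MSG); }
int example_dest(void)
{
    too_big_for_dest[0] = 0x20; too_big_for_dest[1] = 40; too_big_for_dest[2] = 0;
    return parse_tlv_message(too_big_for_dest, sizeof too_big_for_dest);
}

int main(void)
{
    printf("good: %d, oversized: %d, truncated: %d, dest: %d\n",
           example_good(), example_oversized(), example_truncated(), example_dest());
    return 0;
}
```

The order of the checks matters: the remaining-bytes test must come before any use of the length, and the destination-capacity test must be separate from it, because a length that is consistent with the message can still be larger than the fixed field it is copied into. Code review for this bug class looks for a memcpy or loop whose count comes from the message while the destination size does not.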

Related vendor

VENDOR    LAST 12M  #/PRODUCTS  LOW  MEDIUM  HIGH  CRITICAL  TOTAL VULNS
Qualcomm            2283        99   464     887   439       1889
Android             4           0    17      2     0         19