What you need to know
- According to reports, Qualcomm has confirmed that several of its chips, including the Snapdragon 8 Gen 1, have suffered a zero-day exploit.
- Although the attack appears to be “limited” and “targeted,” Qualcomm does not know who was affected, only that devices from Samsung, Motorola, OnePlus and others were involved. are.
- Qualcomm has confirmed that it fixed the zero-day bug in September 2024, but more information will likely emerge from the Amnesty International investigation.
Qualcomm and two more important parties have released information about “zero-day” attacks against Android.
The chipmaker detailed in a security bulletin that it has provided a fix for the “CVE-2024-43047” issue (via TechCrunch). The zero-day vulnerability has not been declared a widespread issue, with Qualcomm saying it is a “limited and targeted exploit.” Unsurprisingly, the issue caught the attention of Google and Amnesty International’s Security Lab. Both companies have reportedly launched an investigation into the “use” of the attack.
The Google Threat Analysis Group provided Qualcomm with “indications” about the issue before Qualcomm took action. The report said Amnesty International had “confirmed” the analysis group’s initial suspicions about the zero-day bug.
TechCrunch learned from Amnesty International spokesperson Hajira Mariam that the company is working on a research paper on the issue, which is “expected to be published soon.” At this time, nothing is clear about the purpose behind this exploit and who it targeted. Qualcomm did This attack was observed to have affected 64 SoCs, including Snapdragon 8 Gen 1.
The company further states that the issue pertains to devices from Samsung, Motorola, Xiaomi, OnePlus, OPPO, and ZTE. While checking nowthis issue is reported to be fixed. “The fix is now available to our customers as of September 2024,” a Qualcomm spokesperson told the publication.
Technology can (unfortunately) have serious vulnerabilities, and Qualcomm was the victim of a WLAN exploit in 2019. “QualPwn” was its name, and it allowed would-be attackers unrestricted access to the device remotely via the WLAN and its cell modem. This exploit was able to bypass the use of Qualcomm’s Secure Boot. Once inside, the attacker reportedly penetrated deep into the Android kernel and may have accessed user data.
A similar incident occurred last year with Pixel and Galaxy phones equipped with Samsung’s Exynos modem. An attacker can gain remote access via a modem, compromise your device, and cause damage.
The good news about this 2024 incident is that Qualcomm has already fixed the issue (as of September) thanks to help from Google and Amnesty International. More specific information about who was targeted by the attack and the extent of the damage caused is expected to be revealed in the future.
