Security researchers recently discovered a set of vulnerabilities that make it possible to run malicious code on mobile phones and possibly intercept calls. Vulnerabilities are found in a very large percentage of mobile phones in the world.
Researchers at security firm Check Point Research were behind these findings. Technical details are described in a Research Report published on the company’s websites.
The vulnerabilities in question lie in the Taiwanese company MediaTek’s mobile chipset, more specifically the sound processor (DSP) which is part of the system chipset.
According to Check Point, MediaTek system chips are present in 37 percent of the world’s mobile phones. analysis company the interview It operates, however, with a slightly higher figure, 43 percent. Thus, we are talking about chips that are in almost half of mobile phones in the world.
Many cheaper Samsung Galaxy models, as well as a number of models from Xiaomi and Oppo, among others, use MediaTek chipsets.
Check Point Research discovered the vulnerabilities by disassembling the audio processor firmware and the Android API responsible for communicating with the audio processor, called Audio Manager.
A malicious Android app can exploit vulnerabilities to gain privileged access locally on the mobile, and this access can in turn be used to send messages to the sound processor firmware. This in turn can be used to hide and run malicious code on the sound processor.
It was fixed last month
Since the firmware on the sound processor can access the audio data itself, the attack could theoretically also enable hackers to eavesdrop on a mobile user, the researchers say. No action is required by the user to exploit the vulnerabilities.
Vulnerabilities that carry tracking codes CVE-2021-0673And CVE-2021-0661And CVE-2021-0662 And CVE-2021-0663It was fixed in October, which is the good news. However, it has been possible for malicious actors to exploit the vulnerabilities for a longer period of time, which could cause significant damage.
Without an update, it is possible that the hacker has exploited the vulnerabilities to listen in on calls from Android users. Moreover, the security flaws could have been abused by the hardware manufacturers themselves to create a massive eavesdropping campaign, Check Point security researcher Slava McAfeev said in a press release.
– While we don’t see any specific evidence of such abuse, we were quick to reveal our findings to MediaTek and Xiaomi. In short, we’ve demonstrated a completely new attack vector that can abuse the Android API, he adds.
All technical details about the findings of Check Point Research can be found at Research Report.
“Web specialist. Lifelong zombie maven. Coffee ninja. Hipster-friendly analyst.”