Security experts from the security firm Checkpoint have found four major vulnerabilities, dubbed Quadrooter, in the firmware running on the in the Qualcomm chips that equip modern Android devices. The Quadrooter flaws could be exploited by hackers to “trigger privilege escalations for the purpose of gaining root access to a device,”
“Check Point today disclosed details about a set of four vulnerabilities affecting 900 million Android smartphones and tablets that use Qualcomm® chipsets.” states the blog post published by Checkpoint.
“QuadRooter is a set of four vulnerabilities affecting Android devices built using Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets with a 65% share of the LTE modem baseband market. If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device.”
More than 900 million users are vulnerable to a range of attacks, the attackers could use for example a malware which wouldn’t require special permissions to gain control over the mobile device.
Qualcomm chips are the core components of devices manufactured by major mobile vendors, it accounts for the 65 percent of the market.
The four security vulnerabilities are:
The good news is that three on four vulnerabilities have already been patched, the remaining flaw will be rolled out in the upcoming September update. In cases like this one, the real problem is the time spent by handset manufacturers for releasing a patch. At the time I was writing only Google’s Nexus devices have already been patched by the company.
“Providing technologies that support robust security and privacy is a priority for Qualcomm Technologies. We were notified by the researcher about these vulnerabilities between February and April of this year, and made patches available for all four vulnerabilities to customers, partners, and the open-source community between April and July. The patches were also posted on CodeAurora. QTI continues to work proactively both internally as well as with security researchers to identify and address potential security vulnerabilities.”a Qualcomm spokesperson said.
In a typical attack scenario, a hacker needs to write a malicious code and send it to the victim or he can trick victims into installing a malicious app. Once installed, the malware allows the attacker to gain privilege escalation on the affected devices. Data and applications on mobile, the microphone, and the camera will be under complete control of the attacker.
“Such an app would require no special permissions to take advantage of these vulnerabilities, alleviating any suspicion users may have when installing,” states the analysis published by Check Point.
If you want to check if your mobile device is vulnerable to Quadrooter attack use the Check Point’s free app.
(Security Affairs – Quadrooter , Android)