Check Point, a security company, warned that over 900 million Android devices worldwide containing Qualcomm chips could be open to high-risk privilege escalation vulnerabilities.
The company announced it had found four security issues in Qualcomm-powered Android devices, which it has grouped under the name Quadrooter.
Speaking at Def Con in Las Vegas on Sunday, Adam Donenfeld, senior security researcher at Check Point, stated that during the company’s research it found “multiple privilege escalation vulnerabilities in multiple subsystems introduced by Qualcomm to all its Android devices in multiple different subsystems”, according to a report on the Def Con website.
Donenfeld said that while Google has made a number of changes to improve the security of Android devices following recent issues, such as issuing patches for three out of the four vulnerabilities, “Qualcomm, a supplier of 80 per cent of the chipsets in the Android ecosystem, has almost as much effect on Android’s security as Google”. That fact led Check Point to look into the security of Qualcomm’s chipsets, and it discovered the four flaws.
For an attacker to gain access using the fourth flaw, a user would have to download a malicious app. The app would execute without the user needing to approve it through the regular Android permission checks, which would potentially allow the attacker to gain root access to the device. This would give them full access to the entire device, from hardware to software and personal user data, including the microphone and camera functions.
Check Point said devices using Qualcomm chipsets include the Google Nexus 5X, 6 and 6P, HTC One M9 and HTC 10, and Samsung’s Galaxy S7 and S7 Edge.
While Google has already provided patches for most of the flaws in its latest security updates, one is still outstanding and is likely to remain so until September, said ZDNet. In the meantime, manufacturers of phones using the vulnerable chips could use patches provided by Qualcomm.
Qualcomm was not prepared to comment on Quadrooter and its role in the security supply chain for Android at the time of writing.