Checkpoint’s new research has discovered more than 400 vulnerabilities in Qualcomm’s Snapdragon Digital Signal Processor (DSP) chip. If exploited, it may allow the code to control more than 40% of confidential data on smart Android phones. The call provides contacts, including location, real-time microphone data, and photos.
The digital signal processor of Qualcomm’s Snapdragon chipset is a system on a DSP chip, which is used for digital imagery and audio signal processing in many consumer devices, including TVs and smartphones. Tools used in them introduce new weak points and extend the attack surface of an instrument.
According to one report, data used by hackers without the knowledge of the user can be used for rape; The phone can be sold when a hacker attacks DDoS. Qualcomm acknowledged the weaknesses, informed Google, Samsung and other brands about it and began working on the patch.
However, given the slow rollout of Android updates, each phone receives the required patch. Yanev Balmas, head of cyber research at Checkpoint, said, “Although Qualcomm has resolved the issue, the sad part is that the story is not over.” If such weaknesses are discovered and used by the wrong actors, then millions of mobile phone users will have no way to protect themselves for too long.
Since the chipset’s DSP contains a vulnerability, branded a ‘black box’ by Qualcomm Snapdragon, vendors may find it difficult to understand their depth and design and subsequently work on fixes. A Qualcomm spokesperson told Forbes: “Providing technology that supports strong security and privacy is a priority for Qualcomm. Regarding the Qualcomm computer DSP vulnerabilities pointed out by the checkpoint, we worked diligently to validate the issue and make OEMs appropriate.
We have no evidence that it is being exploited. We encourage end users to update their devices as patches become available and only install applications from trusted locations such as the Google Play Store.