The Tencent team found several flaws in Qualcomm chipsets that attackers can use to take control of a victim’s device.
These three vulnerabilities, collectively known as “QualPwn”, enable attackers to take over a victim’s device by sending malicious packets to it, without any user interaction. For the device to be compromised remotely, both the user and the attacker must be on the same shared WiFi network.
According to the security researchers, two severe vulnerabilities reside in the Qualcomm chipset, while the third affects the Qualcomm Linux kernel driver. Used together, the three vulnerabilities allow an attacker to fully compromise a victim’s device on that same network.
Qualcomm Vulnerabilities Information
- The first vulnerability, designated CVE-2019-10539, is a buffer overflow flaw in Qualcomm’s WLAN firmware.
- The second flaw, designated CVE-2019-10540, is also a buffer overflow vulnerability, present at the same spot as the first flaw.
- The third loophole (CVE-2019-10538) is the most dangerous of them all and affects the Linux kernel. Attackers send malicious code over the WiFi network to the user’s device, which overwrites the Linux kernel on Android devices.
Once the hacker gets access to the Linux kernel, the whole phone is compromised. The attacker can then access your sensitive data and perform other harmful attacks on your smartphone.
Which Chipsets can be affected?
According to Qualcomm’s Bulletin, the following are the chipsets that are affected by this vulnerability:
The research team from Tencent tested the QualPwn vulnerabilities on the Google Pixel 3 and Google Pixel 2, because these Google smartphones use Qualcomm Snapdragon 845 and Snapdragon 835 chips.
These vulnerabilities were discovered back in February and March this year. The researchers then reported them to Qualcomm; patches were released in June, and Samsung and Google were also informed.
Google released security patches for its devices on 5th August as part of its Security Bulletin, and users are advised to download the patches as soon as they are available.
Android users are not yet widely aware of the vulnerabilities, and it will take time for them to download the patches. For that reason the researchers have not yet publicly disclosed the actual PoC (proof of concept): they want users to update their devices first to prevent this attack.