Thursday, March 28, 2024

QualPwn – Vulnerabilities in Qualcomm chips Allows Attackers to Compromise Android Devices Remotely

QualPwn, critical vulnerabilities in Qualcomm chips, that allows attackers to compromise Android device remotely over-the-air. The flaw resides in the Qualcomm’s Snapdragon WLAN component.

The series of vulnerabilities dubbed QualPwn, discovered by Tencent Blade Team, the first two vulnerabilities reside in Qualcomm chips and the third one in Android Kernel.

The vulnerabilities chained together allows attackers to compromise the Android device over-the-air without any user interaction. The over-the-air attack can be triggered if the victim and the attacker connected with the same WiFi network.

Vulnerability Impact

Researchers tested with Google Pixel2/Pixel3 and didn’t test with all the phones, “results of our tests indicate that unpatched phones running on Qualcomm Snapdragon 835,845 may be vulnerable.”

CVE-2019-10539(Compromise WLAN Issue) – Possible buffer overflow vulnerability in the WiFi firmware, due to lack of length check while parsing the extended cap IE header length.

CVE-2019-10540 (WLAN into Modem issue) – Buffer overflow vulnerability that affects Qualcomm WLAN and the vulnerability is due to lack of check of the count value received in NAN availability attribute.

Attackers can exploit the vulnerability by sending maliciously crafted packet over air, according to Qualcomm report the vulnerability affects other chipsets that includes, IPQ8074, MSM8996AU, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCS404, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712, SD 710, SD 670, SD 730, SD 820, SD 835, SD 845, SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, and SXR1130.

CVE-2019-10538 (Modem into Linux Kernel issue) – The vulnerability relies on the Qualcomm Linux kernel component for Android, an attacker could exploit the vulnerability to overwrite the Linux kernel for Android.

Patches for QualPwn

The vulnerabilities were discovered in February and the researchers reported the details to Google and Qualcomm. In June Qualcomm issued fixes and notified OEMs. Google issued patches for the vulnerability with the August security update.

Users are recommended to update with the latest security updates that rolled out August 5, 2019, that address both of the bugs.

The full details of the bug were and the exploitation steps were not yet disclosed, according to Tencent there is no public full exploit code available.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.

Also Read

Critical Vulnerabilities in Free Android Antivirus Apps Let Attackers to Steal Address Books and Disable Antivirus Protection

VMware Security Vulnerabilities Leads to Code Execution and Cause DoS Condition

Vulnerability in Apple iMessage Let Hackers Remotely Read Files in iPhone – PoC Released

Website

Latest articles

Wireshark 4.2.4 Released: What’s New!

Wireshark stands as the undisputed leader, offering unparalleled tools for troubleshooting, analysis, development, and...

Zoom Unveils AI-Powered All-In-One AI Work Workplace

Zoom has taken a monumental leap forward by introducing Zoom Workplace, an all-encompassing AI-powered...

iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage

Phishing allows hackers to exploit human vulnerabilities and trick users into revealing sensitive information...

2 Chrome Zero-Days Exploited at Pwn2Own 2024: Patch Now

Google has announced a crucial update to its Chrome browser, addressing several vulnerabilities, including...

The Moon Malware Hacked 6,000 ASUS Routers in 72hours to Use for Proxy

Black Lotus Labs discovered a multi-year campaign by TheMoon malware targeting vulnerable routers and...

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles