Critical vulnerabilities affecting Snapdragon 835 and 845

Multiple Linux-based exploits have caught the attention of vulnerability testing experts in recent years, such as the dangerous Stagefright, RAMpage and Dagger. Recently, smartphone manufacturers Xiaomi and OnePlus released security updates unexpectedly early, which raised alarms about the possible existence of a serious vulnerability.

In the end, these assumptions were right: security firm Tencent reported a critical vulnerability affecting devices that use Qualcomm Snapdragon 835 and Snapdragon 845 chipsets.

The attack, dubbed ‘QualPwn’ by experts, allows remote exploitation of affected devices and, according to vulnerability testing experts, not only affects the two chipset models mentioned above but could also extend to other chip families, increasing the danger of this vulnerability. QualPwn exploits the WLAN interfaces on Qualcomm’s chipsets to give hackers control over the modem, which would allow kernel attacks or root access to the victim’s device.

Although this is a remote execution flaw, the exploit relies on the potential attacker being on the same network as the device. “You can’t attack any compromised device strictly over the Internet, so the best way to prevent these attacks is not to use unsecured wireless networks,” the experts mention.

However, this is also the main avenue of attack. Virtually anyone on the network could attack a device without user interaction; in addition, any device with a Snapdragon 835 or Snapdragon 845 is exposed if it does not have the August 2019 security patch installed. As if that wasn’t enough, Tencent’s vulnerability analysis experts say this update does not fully fix the vulnerability.
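The patch-level condition above can be checked across a device inventory. The following is an added example, not code from Tencent, Qualcomm or the original article: it parses saved `getprop` output and flags Snapdragon 835/845 devices whose security patch level predates August 2019. The board platform names `msm8998` and `sdm845` are assumptions about what these chipsets report in `ro.board.platform`, and the sample dumps are constructed.

```python
import re
from datetime import date

# Assumption: ro.board.platform values reported by the two chipsets in the article.
AFFECTED_PLATFORMS = {"msm8998": "Snapdragon 835", "sdm845": "Snapdragon 845"}
FIXED_FROM = (2019, 8)  # "August 2019 security patch", compared by (year, month)
PROP_RE = re.compile(r"^\[([^\]]+)\]: \[(.*)\]$")


def parse_getprop(text):
    """Parse `getprop` lines of the form `[key]: [value]` into a dict."""
    props = {}
    for line in text.splitlines():
        m = PROP_RE.match(line.strip())
        if m:
            props[m.group(1)] = m.group(2)
    return props


def assess(text):
    """Return (status, detail) for one device's getprop dump."""
    props = parse_getprop(text)
    platform = props.get("ro.board.platform", "").lower()
    soc = AFFECTED_PLATFORMS.get(platform)
    if soc is None:
        # Not one of the two named chipsets; the article notes other
        # chip families may also be affected, so this is not "safe".
        return ("not-listed", platform or "unknown platform")
    raw = props.get("ro.build.version.security_patch", "")
    try:
        patch = date.fromisoformat(raw)
    except ValueError:
        # Missing or malformed patch level: the fix cannot be confirmed.
        return ("exposed", f"{soc}, patch level unreadable ({raw!r})")
    if (patch.year, patch.month) < FIXED_FROM:
        return ("exposed", f"{soc}, patch level {raw}")
    return ("patched", f"{soc}, patch level {raw}")


# Constructed sample dumps (not taken from real devices).
SAMPLES = {
    "phone-a": "[ro.board.platform]: [sdm845]\n[ro.build.version.security_patch]: [2019-06-01]\n",
    "phone-b": "[ro.board.platform]: [msm8998]\n[ro.build.version.security_patch]: [2019-08-05]\n",
    "phone-c": "[ro.board.platform]: [sdm845]\n[ro.product.model]: [demo]\n",
    "phone-d": "[ro.board.platform]: [exynos5]\n[ro.build.version.security_patch]: [2019-01-01]\n",
}

if __name__ == "__main__":
    for name, dump in SAMPLES.items():
        print(name, *assess(dump))
```

A "patched" result only means the August 2019 level is present; as noted above, Tencent's experts say that update does not fully fix the vulnerability.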

Last month Qualcomm released a list of updates for more than 20 chipsets, including Snapdragon. In other words, any chipset released by the company over the last two years could be vulnerable to this error. Although no cases of exploitation have been detected in real-world environments, the potential risk is enormous, experts say.

Fortunately it’s not all bad news; in addition to no reported cases of exploitation, it has been reported that this scenario would require multiple preconditions to be met, so the complexity of this attack is considerably high. Another factor that helps users is the timely release of the security patch, because while it is not a definitive solution, it could help discourage attempts to exploit this flaw.

Despite its exploitation being a very small possibility, QualPwn remains a critical vulnerability that should not escape the attention of the cybersecurity community. Experts in vulnerability testing from the International Institute of Cyber Security (IICS) mention that the solution is in the hands of the manufacturers, although once these flaws are discovered very little can be done beyond releasing updates. If the user is unable to upgrade their chipset, it may be best to buy a new phone.
