A piece of research conducted by Checkpoint has found over 400 vulnerabilities in the Qualcomm Snapdragon chip. A variety of Qualcomm’s chips are embedded in 40% of the smartphone market. This makes the research intensely worrying for smartphone users and makers.
It has been an intense month for Qualcomm after it somehow managed to win an antitrust hearing early in August. The company managed to overturn a verdict allowing it to return to previous practices. However, this news is not what they would have wanted to hear.
Additionally, it was reported that Qualcomm wanted to get its chips into Huawei phones earlier this month. If this research holds, then such a move looks increasingly unlikely.
Over 400 vulnerabilities found on Qualcomm Snapdragon chips
Qualcomm has dominated the DSP chip market and its Snapdragon iteration has been very successful. However, this research may put a pin in that success.
The research boils down to three main issues for Qualcomm and its Snapdragon chip. First is that attackers may be able to turn the phone into a spying tool. Vulnerabilities within the chip make it possible to do so without any user interaction.
This is because attackers can exfiltrate information including photos, videos, call recordings, real-time microphone data, and GPS and location data.
Secondly, attackers may be able to render the phone constantly unresponsive. This would make all the phone’s information permanently unavailable.
Finally, malware and other malicious code can completely hide their activities and become un-removable. This is a set of very worrying findings for Qualcomm to address.
The research process
Checkpoint will not publish full technical details of these vulnerabilities. It will wait until mobile vendors find solutions to these problems.
Checkpoint used state-of-the-art fuzz testing technologies in order to overcome the ‘black box’ nature of the chips. This gained them a rare insight into the internals of the tested DSP chip.
From there, the company was able to perform a review of the chip’s security controls and identify its weak points. It has found some serious issues that need fixing.
Hopefully, mobile vendors and Qualcomm are able to come up with effective solutions to these problems. Cyber attacks are becoming increasingly prevalent in society. Therefore, having weak smartphones in the first place could be problematic.
Checkpoint disclosed these findings to Qualcomm, who acknowledged them. They also notified relevant device vendors and assigned the findings CVEs. The list is below.
CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208 and CVE-2020-11209.
Given that the problem has now been identified, work should be underway to fix it. How long this will take is anybody’s guess, but at least we are no longer blind to the problem. With any luck, Qualcomm may find a solution.
Update:
A Qualcomm spokesperson has reached out to provide the following statement –
“Providing technologies that support robust security and privacy is a priority for Qualcomm. Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to OEMs.
We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store.”