Qualcomm confirms 'targeted' zero-day chip exploit in numerous Android phones

News
By
published

On one hand, the attack wasn't widespread enough to instill fear; however, who it targeted and why is still important.

The Qualcomm logo at MWC 2024
(Image credit: Android Central)

What you need to know

  • According to reports, Qualcomm confirmed that several of its chips, such as the Snapdragon 8 Gen 1, experienced a zero-day exploit.
  • The attack seemed "limited" and "targeted," though Qualcomm does not know who it affected, only that devices from Samsung, Motorola, OnePlus, and more are involved.
  • Qualcomm confirmed that it fixed the zero-day bug in September 2024, but more information will surface from Amnesty International's research.

Qualcomm and two more important parties step forward with information about a "zero-day" attack on Android.

The chipmaker detailed on its Security Bulletin that it provided a fix for a "CVE-2024-43047" issue (via TechCrunch). The zero-day vulnerability wasn't stated as a widespread issue, instead, Qualcomm states it was a "limited, targeted exploitation." Of course, this issue caught the attention of Google and Amnesty International's Security Lab. Both companies have reportedly started investigating "the use" of the attack.

Google Threat Analysis Group delivered "indications" to Qualcomm about this issue before it took action. The report states Amnesty "confirmed" the Analysis Group's initial suspicions about the zero-day bug.

TechCrunch heard from Amnesty's spokesperson Hajira Maryam, who said the company is working on a research paper about the issue, "due to be out soon." Right now, nothing is certain about the purpose behind this exploit — and who it may have targeted. Qualcomm did confirm that the attack affected 64 of its SoCs like the Snapdragon 8 Gen 1.

Moreover, the company states the problem concerns Samsung, Motorola, Xiaomi, OnePlus, OPPO, and ZTE devices. While we're getting confirmation now, the issue has reportedly been rectified. A Qualcomm spokesperson informed the publication that "fixes have been made available to our customers as of September 2024."

Severe vulnerabilities are (unfortunately) a possibility with tech and Qualcomm suffered a WLAN exploit in 2019. "QualPwn" was its name and allowed would-be attackers unsanctioned access to a device via WLAN and its cell Modem remotely. The exploit was able to bypass Qualcomm's use of Secure Boot. Once inside, it was reported that attackers could've gone deeper into Android's kernel and accessed user's data.

A similar incident occurred with Pixel and Galaxy phones with Samsung's Exynos modem last year. Attackers could've gained remote access via the modem to compromise a device and deal damage.

The good news with this current 2024 incident is Qualcomm has already fixed it (as of September) thanks to Google and Amnesty's help. What's to come to concrete information about who the attack may have targeted and the extent of its damage.

Nickolas Diaz
Nickolas Diaz
News Writer

Nickolas is always excited about tech and getting his hands on it. Writing for him can vary from delivering the latest tech story to scribbling in his journal. When Nickolas isn't hitting a story, he's often grinding away at a game or chilling with a book in his hand.