What you need to know
- According to reports, Qualcomm confirmed that several of its chips, such as the Snapdragon 8 Gen 1, experienced a zero-day exploit.
- The attack seemed "limited" and "targeted," though Qualcomm does not know who it affected, only that devices from Samsung, Motorola, OnePlus, and more are involved.
- Qualcomm confirmed that it fixed the zero-day bug in September 2024, but more information will surface from Amnesty International's research.
Qualcomm and two more important parties step forward with information about a "zero-day" attack on Android.
The chipmaker detailed on its Security Bulletin that it provided a fix for a "CVE-2024-43047" issue (via TechCrunch). The zero-day vulnerability wasn't stated as a widespread issue, instead, Qualcomm states it was a "limited, targeted exploitation." Of course, this issue caught the attention of Google and Amnesty International's Security Lab. Both companies have reportedly started investigating "the use" of the attack.
Google Threat Analysis Group delivered "indications" to Qualcomm about this issue before it took action. The report states Amnesty "confirmed" the Analysis Group's initial suspicions about the zero-day bug.
TechCrunch heard from Amnesty's spokesperson Hajira Maryam, who said the company is working on a research paper about the issue, "due to be out soon." Right now, nothing is certain about the purpose behind this exploit — and who it may have targeted. Qualcomm did confirm that the attack affected 64 of its SoCs like the Snapdragon 8 Gen 1.
Moreover, the company states the problem concerns Samsung, Motorola, Xiaomi, OnePlus, OPPO, and ZTE devices. While we're getting confirmation now, the issue has reportedly been rectified. A Qualcomm spokesperson informed the publication that "fixes have been made available to our customers as of September 2024."
Severe vulnerabilities are (unfortunately) a possibility with tech and Qualcomm suffered a WLAN exploit in 2019. "QualPwn" was its name and allowed would-be attackers unsanctioned access to a device via WLAN and its cell Modem remotely. The exploit was able to bypass Qualcomm's use of Secure Boot. Once inside, it was reported that attackers could've gone deeper into Android's kernel and accessed user's data.
A similar incident occurred with Pixel and Galaxy phones with Samsung's Exynos modem last year. Attackers could've gained remote access via the modem to compromise a device and deal damage.
The good news with this current 2024 incident is Qualcomm has already fixed it (as of September) thanks to Google and Amnesty's help. What's to come to concrete information about who the attack may have targeted and the extent of its damage.