Qualcomm Vulnerability In Android Devices Is Finally Fixed

Qualcomm Vulnerability In Android Devices Is Finally Fixed

Finally Google has fixed the high-severity flaw in Android. Qualcomm Vulnerability has been found in Android OS based phones that puts millions of Android device users at risk. This critical issue was around there for almost five years. Qualcomm Vulnerability leaves users’ sensitive data like call histories, text messages etc. open for snooping. Whats more, CVE-2016-2060 flaw affects Android OS 4.3 and all earlier version which uses software package that is maintained by the mobile chipmaker Qualcomm.

Source : http://www.pcworld.com/article/3066831/security/qualcomm-flaw-puts-millions-of-android-devices-at-risk.html

What is Qualcomm Vulnerability

Qualcomm Vulnerability In Android DevicesWell, this critical glitch in Android devices was first found in 2011. In the year 2011 Qualcomm has released new a set Application Programming Interfaces or API for the network manager system service for AOSP which is also refereed as Android Open Source Project and later the “netd” daemon. The updated Qualcomm netd daemon provides extra bit of networking capabilities to your handset. However unfortunately, the modified netd daemon introduced a very critical flaw into Android OS that is capable to allow the low-privileged application to access your confidential information from your Android devices.

Source : http://source.android.com/security/bulletin/2016-05-01.html

According to the researchers, the professional cyber crook can take advantage of this critical glitch in your Android gadgets and can exploit the Qualcomm vulnerability and can gain the complete access of your unlocked device and can even force the users to install malicious application in your Android phones. Meanwhile this critical flaw has supposed to affects various of the Android device that has been manufactured in last five years using the Qualcomm chips. Well, this critical issue was introduced by security researchers at FireEye. According to the researcher Qualcomm Vulnerability has affected Android KitKat, Jelly Bean and Lollipop releases.

Reference : https://www.fireeye.com/blog/threat-research/2016/05/exploiting_cve-2016-.html

Qualcomm Vulnerability

How Critical Qualcomm Vulnerability Is

Well, in order to exploit this very vulnerability, the malicious apps only requires the “ACCESS_NETWORK_STATE” permission to gain the access of API exposed through updated Qualcomm service. Well, even detecting the attack is not easier for the users. However, due to this critical flaw any application can interact the API without even users awareness. Once the app obtain radio privilege then it can even access the other applications data running in the same device.

Qualcomm Vulnerability In AndroidHowever, the good thing is devices that is running on KitKat (4.4) and later versions of Android Operating System are less affected than the older version of OS as they the newer devices comes along with advanced security mechanism for Android (SEAndroid). Well, with this new security mechanism in Android device it will be impossible for the malicious apps to steal other apps data through this vulnerability. Actually the newer versions of Android OS ‘netd’ context the ‘/system/bin/radish’ does not have the capability to interact with other application data.

Source : http://arstechnica.com/security/2016/05/5-year-old-android-vulnerability-exposes-texts-and-call-histories/

However, still the malicious apps can exploit the glitch in order to alter system propertie. Anyway, the impact of malicious application now entirely depends on how the system property subsystem is being used by OEM. Luckily Qualcomm vulnerability in android devices is finally patched by Google in its latest Android security patch update. Hence, users who are using Android OS 4.3 and other earlier version should make sure that this new security patch is available in the device in order to keep their device secured and protected.

Qualcomm Vulnerability In Android Devices Is Finally Fixed

This is certainly not the first time when a critical vulnerability become a potential threat in digital devices. Hence, users are advised to be very careful while using their device as hackers can target your handset or other devices to access your personal as well as confidential data. Manage your data wisely and keep an updated backup of all your important files as it will help you to overcome any kind of critical hack or data breach issue. Lastly keep your eyes open and stay prepared.

Reference : http://gadgets.ndtv.com/mobiles/news/millions-of-qualcomm-based-android-devices-vulnerable-to-attacks-report-1-834174

Share