Date: 2024-10-10

Key Takeaways

Qualcomm says hackers exploited a zero-day bug in dozens of its chipsets found in popular Android devices.

The vulnerability is being exploited in a limited way, meaning instead of targeting a large group of people, hackers are going after select individuals.

Qualcomm has patched the vulnerability, and now it’s up to Android brands to release the patch to their customers’ devices.

Every now and then, we hear about new ways hackers are going after Android users. Back in August, Google revealed that hackers exploited some Chrome vulnerabilities on Android to steal sensitive data. And just last month, Kaspersky researchers found malware infecting millions of Android devices through two Google Play apps. Now, there's another method to add to the list, this time targeting vulnerabilities in the chips powering Android phones.

Chipmaker Qualcomm confirmed on Monday that hackers exploited a zero-day bug in dozens of its chipsets found in popular Android devices (via TechCrunch). A zero-day is a vulnerability unknown to the vendor, with no patch or fix available. The vulnerability in Qualcomm chips, officially designated as CVE-2024-43047, “may be under limited, targeted exploitation,” the company said, citing unspecified “indications” from Google’s Threat Analysis Group (TAG).

The fact that this vulnerability is being exploited in a limited way and was found by Google’s TAG suggests it’s not hitting a large group of Android users, but rather targeting specific individuals. Since TAG mostly looks into government hacking threats, this could mean it’s a state-sponsored attack. Amnesty International’s Security Lab, which helps protect civil society from digital surveillance and spyware, has backed up Google’s assessment.

The US cybersecurity agency, CISA, has also added the Qualcomm flaw to its list of vulnerabilities that have been or are currently being exploited.

Which Qualcomm chips had this vulnerability?

Qualcomm has listed 64 chipsets affected by this issue in its security bulletin. This includes flagship SoCs like the Snapdragon 8 Gen 1 and Snapdragon 888+, as well as mid-range options like the Snapdragon 660 and Snapdragon 680. It also covers FastConnect 6700, 6800, 6900, and 7800 modules, plus the Snapdragon X55 5G modem. These chipsets are found in millions of devices, from the Galaxy S22 Ultra and OnePlus 10 Pro to older Redmi Notes and Nokias.

A Qualcomm spokesperson told TechCrunch that “fixes have been made available to our customers as of September 2024.” Now, it’s up to the Android device makers using these vulnerable chipsets to push out the patch to your devices. You can expect this fix to be part of an upcoming security update.