The Israeli security firm Check Point Research has discovered a vulnerability in Qualcomm’s MSM (Mobile Station Modem) that affects millions of Android phones around the world.
The firm claims that MSM is an integral part of Qualcomm chips dating back to the early 1990s. It is even part of the company’s latest 5G chips and can be found in the latest models from Samsung, Xiaomi, Google, LG, OnePlus, and more.
Check Point’s report reveals that up to 30 percent of all Android phones have this modem software from Qualcomm that includes this vulnerability. Hackers can use the vulnerability to inject malicious code into the modem from Android, which gives the attacker the possibility to access the call and SMS history, as well as listen to the user’s conversations.
In some cases, hackers can use this vulnerability to even unlock your SIM card and would allow you to pass the limitations imposed by the operators.
The number of mobiles that may be affected is not yet clear, but as the Check Point spokesperson mentions, anyone who has a mobile with a Qualcomm Snapdragon chip without having updated it since November could be at risk.
Qualcomm is aware of the vulnerability and already issued a fix. Precisely in the month of December of last year, Qualcomm sent the patches to the manufacturers and recommends that users update their devices to the latest version available.