1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Qualcomm flaw puts millions of Android devices at risk

Discussion in 'Network World' started by RSS, May 6, 2016.

  1. RSS

    RSS New Member Member

    A vulnerability in an Android component shipped with phones that use Qualcomm chips puts users' text messages and call history at risk of theft.

    The flaw was found by security researchers from FireEye and was patched by Qualcomm in March. However, because the vulnerability was introduced five years ago, many affected devices are unlikely to ever receive the fix because they're no longer supported by their manufacturers.

    The vulnerability, which is tracked as CVE-2016-2060, is located on an Android component called "netd" that Qualcomm modified in order to provide additional tethering capabilities. Malicious applications could exploit the flaw in order to execute commands as the "radio" system user, which has special privileges.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page