Almost all Android smartphones could be vulnerable to remote code execution due to vulnerabilities discovered in the audio decoders of Qualcomm and MediaTek chips.
These vulnerabilities were discovered by Check Point Research (CPR), and if left unpatched, an attacker could exploit them to remotely gain access to a device’s camera and microphone using a corrupted audio file. At the same time, an unprivileged Android app could use these vulnerabilities to escalate its privileges to spy on a user’s media files and eavesdrop on their conversations.
Since most Android devices are powered by either Qualcomm or MediaTek chips, the impact of these vulnerabilities is far-reaching, but thankfully, CPR has responsibly shared its findings with both chipmakers, who have since issued fixes.
Check Point security researcher Slava Makkaveev provided further insight into the company’s findings on these high and critical severity vulnerabilities in a press releaseSaying:
“We have discovered a number of vulnerabilities that could be used for remote execution and privilege escalation on two-thirds of the world’s mobile devices. The vulnerabilities could easily be exploited. An attacker could have sent and played a song (media file) a potential victim could have injected code into the privileged media service The attacker could have seen what the mobile phone user sees on their phone In our proof of concept, we were able to steal the phone’s camera stream What is “The most sensitive information on your phone? I think it’s your media: audio and videos. An attacker could have stolen those through these vulnerabilities.”
Vulnerable audio decoders
The vulnerabilities themselves were found in the Apple Lossless Audio Codec (ALAC), also known as Apple Lossless.
First introduced in 2004 for lossless data compression of digital music, Apple made ALAC open source in late 2011 and the format is now embedded in many non-Apple audio players and programs, including Android smartphones and Linux and Windows media players and converters.
> This Android antivirus might actually be malware
> Google Chrome exits its Android Lite mode
> Android users can turn off 2G for better security and privacy
While Apple has updated the proprietary version of its decoder by fixing and patching security issues multiple times, the released code in the open source version of ALAC has not been patched since 2011. CPR discovered that Qualcomm and MediaTek ported the vulnerable ALAC code into their own audio decoders, which is why so many Android smartphones are now vulnerable.
CPR has responsibly shared its findings with both chipmakers over the past year, and they in turn released patches in December to fix all of their vulnerable audio decoders. However, to avoid falling victim to potential attacks, you should ensure that your Android device is updated with all the latest patches.
- Keep your smartphone virus-free with the best antivirus apps for Android
This article was previously published on Source link
