QuadRooter Security Vulnerability Lays Treacherous Trap For 900 Million Qualcomm-Based Android Devices

Check Point, the company that's perhaps best known for its ZoneAlarm security software, found four vulnerabilities that put at risk most Android smartphones tablets. Collectively called QuadRooter, Check Point's mobile research team says the set of vulnerabilities affects Android devices that use Qualcomm chipsets, of which there are about 900 million in the wild.

Qualcomm is the world's biggest provider of LTE chipsets with a dominating 65 percent share of the LTE modem baseband market. That leaves hundreds of millions of people susceptible to QuadRooter, including owners of the BlackBerry Priv, Google's Nexus 5X, Nexus 6, and Nexus 6P, HTC's One, M9, and 10, Samsung's Galaxy S7 and Galaxy S7 Edge, every OnePlus handset, and many others.

"If any one of the four vulnerabilities is exploited, an attacker can trigger privilege escalations for the purpose of gaining root access to a device," Check Point says.

Check Point QuadRoot Scanner
Check Point's free QuadRooter Scanner will let you know if your Android device is vulnerable to QuadRooter

QuadRooter is particularly nasty because an attacker can exploit any of the four vulnerabilities using an app that requires no special permissions. That means an attacker can construct a legitimate looking mobile app with foul intentions.

The actual vulnerabilities are found in software drivers that ship with Qualcomm chipsets. The drivers control communication between chipset components and are incorporated into Android builds that manufacturers develop for their smartphones and tablets. Since the drivers are pre-installed from the factory, the only way to plug the security holes is by installing a patch from the distributor or carrier, and they can only issue them after receiving fixed driver packs from Qualcomm, Check Point says.

"This situation highlights the inherent risks in the Android security model. Critical security updates must pass through the entire supply chain before they can be made available to end users," Check Point explains. "Once available, the end users must then be sure to install these updates to protect their devices and data."

Left unpatched, a compromised device could give attackers complete control of a device and unfettered access to any sensitive personal and enterprise data contained on it. An attacker could also install a keylogger, initiate GPS tracking, record video and audio, and so forth.

If you're unsure whether or not your Android device is affected, you can download and install Check Point's free QuadRooter Scanner from Google Play.

Via:  Check Point
Show comments blog comments powered by Disqus