Almost all Android smartphones could be vulnerable to remote code execution as a result of vulnerabilities discovered in the audio decoders of Qualcomm and MediaTek chips.

The discovery of these vulnerabilities was made by Check Point Research (CPR) and if left unpatched, an attacker could exploit them to remotely gain access to a device’s camera and microphone by using a malformed audio file. At the same time, an unprivileged Android app could leverage these vulnerabilities to escalate its privileges in order to spy on a user’s media data and listen in on their conversations.

Since most Android devices are powered by either Qualcomm or MediaTek chips, the impact of these vulnerabilities is wide reaching but thankfully, CPR responsibly disclosed its findings to both chipmakers who have since issued fixes.

Check Point security researcher Slava Makkaveev provided further insight on the firm’s findings regarding these high and critical severity vulnerabilities in a press release, saying:

"We've discovered a set of vulnerabilities that could be used for remote execution and privilege escalation on two-thirds of the world's mobile devices. The vulnerabilities were easily exploitable. A threat actor could have sent a song (media file) and when played by a potential victim, it could have injected code in the privileged media service. The threat actor could have seen what the mobile phone user sees on their phone. In our proof of concept, we were able to steal the phone's camera stream. What is the most sensitive information on your phone? I think it's your media: audio and videos. An attacker could have stolen that through these vulnerabilities.”

By: DocMemory
Copyright © 2023 CST, Inc. All Rights Reserved