The information security experts from FireEye reported the vulnerability in which millions of Android smartphones with Qualcomm processor. The operation of the gaps in the security system allows an attacker to elevate privileges on the system and to access critical data on the device.
Error received code CVE-2016-2060, and it is reported that she has existed for five years. Bug allows you to access SMS messages, phone logs and other information.
The greatest threat the breach poses to smartphones running Android Lollipop (5.0), KitKat (4.4), jelly bean MR2 (4.3) and Ice Cream Sandwich MR1 (4.0.3). Previously, Qualcomm released a patch with the hotfix, but the “phones” are still under threat, while manufacturers will not release an update for their products. Google Nexus devices are not affected by the failure.
The problem arose because of an error in the API from Qualcomm, which is installed on a large number of devices and used in various projects such as CyanogenMod. Because of this, the exact number of affected devices can be determined.
Successful exploitation of error is possible in two ways. The first involves the physical access to the vulnerable gadget, the second is the use of malicious applications, which the victim must download and run on the gadget. Moreover, this program will not be detected by antivirus products as malware, as it requires permissions usually requested and approved by default for millions of apps. Most likely, this application passes the checks Google Play, say experts.
According to experts FireEye, the number of gadgets at risk could reach 34% of total active Android devices. They have introduced in version 4.4 of protection called SEAndroid (Security Enhancements for Android). However, the danger exists even in the models with versions 4.4 and newer, where malware can stealthily alter system settings. In combination with other vulnerabilities, this could lead to new attacks on user data. In this case, the danger is 73,1% of the devices.