Sat. Oct 12th, 2024

Qualcomm confirms ‘targeted’ zero-day chip exploit in numerous Android phones


The Qualcomm logo at MWC 2024.

Credit: Android Central

What you need to know

  • According to reports, Qualcomm has confirmed that several of its chips, such as the Snapdragon 8 Gen 1, have been affected by a zero-day exploit.

  • The attack appeared “limited” and “targeted,” although Qualcomm doesn’t know who was affected, only that devices from Samsung, Motorola, OnePlus and more are involved.

  • Qualcomm confirmed it fixed the zero-day bug in September 2024, but more information will emerge from Amnesty International’s investigation.


Qualcomm and two other major parties are coming forward with information about a zero-day attack on Android.

The chipmaker states in its security bulletin that it is providing a fix for a “CVE-2024-43047” issue (via TechCrunch). The zero-day vulnerability was not described as a widespread issue; Qualcomm states that it was a “limited, targeted exploit.” Naturally, this issue caught the attention of Google and Amnesty International’s Security Lab. Both organizations have reportedly begun investigating “the use” of the attack.

Google Threat Analysis Group gave Qualcomm “indications” about this problem before taking action. The report states that Amnesty ‘confirmed’ the Analysis Group’s initial suspicions about the zero-day bug.

TechCrunch heard from Amnesty’s spokesperson Hajira Maryam, who said the organization is working on a research paper on the issue, “to be released soon.” At this time, nothing is certain about the purpose behind this exploit or who it may have targeted. Qualcomm did confirm that the attack affected 64 of its SoCs, such as the Snapdragon 8 Gen 1.

Additionally, the company states that the issue affects devices from Samsung, Motorola, Xiaomi, OnePlus, OPPO, and ZTE. While we are only getting confirmation now, the problem has reportedly been resolved. A Qualcomm spokesperson told the publication that “solutions will be available to our customers starting September 2024.”

Serious vulnerabilities are (unfortunately) possible with technology, and Qualcomm suffered a WLAN exploit in 2019. Named “QualPwn,” it gave potential attackers unauthorized remote access to a device via WLAN and the mobile modem. The exploit was able to bypass Qualcomm’s use of Secure Boot. Once inside, it was reported that attackers could have penetrated deeper into the Android kernel and accessed users’ data.

A similar incident occurred last year with Pixel and Galaxy phones running Samsung’s Exynos modem. Attackers could have gained remote access via the modem to compromise a device and cause damage.

The good news with this current 2024 incident is that Qualcomm has already resolved it (as of September) thanks to the help of Google and Amnesty. What is still needed is concrete information about who the attack may have targeted and the extent of the damage.

By Sheisoe
