Qualcomm Snapdragon DSP Chips Vulnerable to Hundreds of Bugs

• Check Point discovered a multitude of flaws on a wide range of Qualcomm DSP chips.
• These could lead to data exfiltration, planting of malware, or device DoSing.
• Pushing fixes for the discovered problems will be very hard, and it will take many months.

Researchers from Check Point have discovered over 400 vulnerable pieces of code in the DSP (Digital Signal Processing Units) chips they tested. The team focused on Qualcomm-made DSP chips that are the most widespread in the market, deployed in Samsung, Xiaomi, LG, OnePlus, and Google phones.

The discovered flaws could enable attacks to impose DoS (denial of service) conditions to the device, plant malware or spyware, exfiltrate sensitive data from the device’s storage, or even receive live data from the device’s GPS, microphone, camera, etc.

Check Point disclosed the following identifiers that were shared with Qualcomm, grouping them all under the name “Achilles.” The security firm plans to give more details about these flaws on August 13, when they’ll hold a relevant webinar.

• CVE-2020-11201
• CVE-2020-11202
• CVE-2020-11206
• CVE-2020-11207
• CVE-2020-11208
• CVE-2020-11209

For now, Check Point hasn’t disclosed the full technical details about the above, because mobile device vendors didn’t get the chance to patch the vulnerable models yet. Qualcomm has released a fixing patch for the six security flaws that make up Achilles, but it will take some time for it to actually reach the end-users in the form of OEM updates. This is another case that highlights the problems of having a fragmented ecosystem like that of Android.

Related: Qualcomm Snapdragon 865 Plus Is a 3GHz+ Gaming Beast

But what is DSP anyway? Digital Signal Processing units are meant to extend smartphone devices’ capabilities in the areas of audio and voice processing, augmented reality, neural-network calculations, camera streaming, and more. Qualcomm calls this system “Hexagon,” and its practically an AI engine built within its processors carrying out the tasks that constitute the “smart” aspect of our smartphones.

As it seems, though, not much regards were given to the security of the DSP chips, and solving the problem now requires handling the complexities of an entangled and intricate supply chain.

The researchers estimate that more than 40% of the entire mobile phone market is using a vulnerable Qualcomm DSP chip, so that would be about 1.2 billion devices spread around the world. Patching all of them before details about Achilles emerge would be practically impossible the way things work in Android. Since these chips use closed-source technology, even testing them for flaws is a challenge on its own.

Unfortunately, if anyone were to exploit the Achilles flaws to spy on you, you wouldn’t have any way to tell. The best thing you can do is make sure that you apply any patches as soon as they become available and use a mobile security suite that could potentially detect and stop malware running on your device.