Hackers exploited bug in Qualcomm chips to target Android users

Qualcomm has confirmed a vulnerability in 64 chipsets that allowed hackers to exploit and attack Android users.

In its October 2024 security bulletin, Qualcomm notes that "there are indications from Google Threat Analysis Group" that the zero-day vulnerability, designated CVE-2024-43047, "may be under limited, targeted exploitation". 

The phrase, "limited, targeted exploitation", implies that the hacking might be confined to a specific group of users rather than the wider public. It is also unclear how this exploit works.

The company also provided the list of chipsets affected, which includes flagship mobile platforms such as the Snapdragon 8 Gen 3, Gen 2, Gen 1, as well as networking chipsets such as the FastConnect 6900 and 7800.

A Qualcomm spokesperson told TechCrunch that the company released the fixes to Android device makers in September, and it is now the responsibility of these device makers to roll out the patch to affected users.

Given that major Android device makers such as Samsung, OnePlus, OPPO, and Xiaomi rely on Qualcomm chipsets, millions of Android users could be at risk if these patches are not yet deployed.

Source: Qualcomm via TechCrunch

Our articles may contain affiliate links. If you buy through these links, we may earn a small commission.