Researchers at Check Point have discovered security vulnerabilities affecting millions of Android phones through Qualcomm’s Snapdragon chips.
The security researchers found more than 400 code vulnerabilities in the digital signal processors (DSPs) of the chips. They haven’t disclosed specific details about the flaws in order to prevent bad actors from exploiting the vulnerabilities.
However, Check Point outlines that attackers can exploit the vulnerabilities to record calls, steal data, install malware and render devices unusable. The researchers outline that phone vendors wouldn’t be able to fix the issue themselves, as Qualcomm has to address it first.
Qualcomm has acknowledged the vulnerabilities and said that it has shared details with brands as it provides “appropriate mitigations.” The company has stated that it hasn’t found any evidence that the vulnerabilities have been exploited.
Snapdragon chips were in an estimated 40 percent of Android devices that were shipped in 2019, which essentially leaves hundreds of millions of phones vulnerable, according to Check Point.
Qualcomm has said that users can avoid issues by downloading security updates when available and by only downloading apps from the Play Store and other trusted sources.