Vulnerabilities discovered in Qualcomm chips

Tencent Blade Team that is founded by Tencent Security Platform has discovered vulnerabilities in Qualcomm Snapdragon 835 and 845 chips. Coined as QualPwn, the vulnerabilities allow attackers to compromise the WLAN and Modem over-the-air and the Android Kernel from the WLAN chip.

The team did not test all the phones running on Snapdragon 835 and 845, they only tested Google Pixel 2 and Pixel 3 phones. The test results indicate that unpatched phones running on these chipsets may be vulnerable. The team has reported all the details to Google and Qualcomm who have issued fixes. Qualcomm released a security bulletin to OEMs in June and asked them to download and incorporate appropriate patches.

Tencent Blade Team will share details of QualPwn at BlackHat USA 2019 and DEFCON 27.

source

• Qualcomm Snapdragon 8 Elite Gen 5 mobile processor announced; details here
• Qualcomm intros Snapdragon 7 Gen 4 Mobile Platform
• Qualcomm expands Snapdragon X Series with new X Plus 8-Core Platform
• Snapdragon 7s Gen 3 to bring AI-driven experiences to affordable smartphones