Android Phones With Qualcomm DSP Chips Affected by 400 Vulnerabilities: Check Point

Qualcomm DSP chips are found in high-end phones from Google, Samsung, LG, Xiaomi, OnePlus and more.

Advertisement
By Tasneem Akolawala | Updated: 8 August 2020 16:35 IST
Highlights
  • Hackers can gain access to sensitive information on these phones
  • Check Point has not issued details about the vulnerabilities
  • Qualcomm says fixes have been issued to mobile vendors
Android Phones With Qualcomm DSP Chips Affected by 400 Vulnerabilities: Check Point

Qualcomm has acknowledged these vulnerabilities and have assigned mobile vendors with fixes

Android smartphones running on a specific Qualcomm digital signal processor (DSP) chip are reported to have as many as 400 vulnerabilities. Security research firm Check Point in its research discovered that these vulnerabilities allow hackers to access sensitive information, render the mobile phone constantly unresponsive, and allow malware and other malicious code to completely hide their activities and become un-removable. Check Point says that Qualcomm DSP chips are found in high-end phones from Google, Samsung, LG, Xiaomi, OnePlus and more.

Check Point, on its blog, notes that Qualcomm was told of these vulnerabilities earlier on. The research firm says that the chip manufacturer has acknowledged them and even notified the relevant device vendors regarding the vulnerabilities. It assigned several CVE fixes to device vendors including CVE-2020-11201, CVE-2020-11202, CVE-2020-11206, CVE-2020-11207, CVE-2020-11208 and CVE-2020-11209. Check Point is dubbing this vulnerability group as Achilles.

In a statement to Market Watch, Yaniv Balmas, head of cyber research at Check Point, commented "Although Qualcomm has fixed the issue, it's sadly not the end of the story. Hundreds of millions of phones are exposed to this security risk. You can be spied on. You can lose all your data."

A Qualcomm spokesperson told the publication, "Regarding the Qualcomm Compute DSP vulnerability disclosed by Check Point, we worked diligently to validate the issue and make appropriate mitigations available to OEMs. We have no evidence it is currently being exploited. We encourage end users to update their devices as patches become available and to only install applications from trusted locations such as the Google Play Store."

Advertisement

Check Point has not published full technical details of these Achilles vulnerabilities as it wants mobile vendors to work on possible solutions to mitigate the possible risks these vulnerabilities cause. The 400 vulnerabilities found inside the Qualcomm DSP chip can allow attackers to turn the phone into a perfect spying tool, without any user interaction required. Hackers can gain access to photos, videos, call-recording, real-time microphone data, GPS and location data, and much more by exploiting these vulnerabilities.

Furthermore, attackers may also be able to render the mobile phone constantly unresponsive making all the information stored on this phone permanently unavailable. This targeted denial-of-service attack can enable hackers to block the user from accessing photos, videos, contact details, and more. Lastly, these vulnerabilities allow malware and other malicious code to completely hide their activities and become un-removable.

Advertisement

Check Point says that DSP chips are ‘breeding grounds' for vulnerabilities as they are being managed as “Black Boxes” due to the complex nature of these chips and their undefined architecture. Due to this reason, mobile vendors have to rely on chip manufacturers to address the issue first. These vulnerabilities are reported to have affected a slew mobile phones. While the exact number is not known, Qualcomm chips are embedded into nearly 40 percent of mobile phones in the market, a 2019 Strategy Analytics report claims - leaving millions of devices potentially at risk to the Achilles vulnerabilities.


Why are smartphone prices rising in India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Affiliate links may be automatically generated - see our ethics statement for details.
 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Redmi Pad 2 With 11-Inch 2.5K Display, 9,000mAh Battery Launched in India
  2. Oppo Reno 14 5G, Reno 14 Pro 5G India Launch Timeline Leaked
  3. Pixel 10, Pixel 10 Pro Alleged Case Hint at Design Changes
  4. Boat Wave Fortune Smartwatch With NFC Tap & Pay Feature Launched in India
  5. GTA 6 Delay Weighs on Global Videogame Market Growth, Data Shows
  6. Apple Back to School Offer Brings Discounts on iPad Air, Other Products
  7. iQOO Z10 Lite 5G With 6,000mAh Battery Launched in India: Price, Features
  8. Government Announces FASTag-Based Annual Pass for Highway Commutes
  9. Top Smartphones Under Rs 50,000 in India (June 2025): Check List
  1. SpaceX Launches 26 Starlink Satellites from California to Expand Low Earth Orbit Internet Network
  2. NASA and DoD Simulate Critical Abort Scenarios to Secure Artemis II Moon Mission
  3. Brain’s Built-In Signal Threshold Helps Differentiate Imagination from Reality
  4. Feather-Legged Lace Weaver Spider Uses Toxic Silk Instead of Fangs to Kill Its Prey
  5. New Habitability Model Helps Identify Which Alien Planets Might Be Able to Host Life
  6. Warner Bros. Games Restructures to Focus on Harry Potter, Game of Thrones, Mortal Kombat and DC Franchises
  7. Google Pixel 10, Pixel 10 Pro Alleged Case Suggests Minor Design Changes From Predecessors
  8. Oppo Reno 14 5G, Reno 14 Pro 5G India Launch Timeline Leaked
  9. Nothing Phone 3 to Offer Longer Android and Security Update Support Than Its Predecessor
  10. Boat Wave Fortune Smartwatch With NFC Tap & Pay Feature, Bluetooth Calling Launched in India
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.