Qualcomm Confirms Cyberattack On Android Phones With Its Chipsets

Turns out, the exploitable vulnerability affects a wide range of Qualcomm’s mid-range and flagship chipsets, modems as well as FastConnect modules. In its security bulletin, Qualcomm has listed the chipsets and the vulnerability levels, ranging from medium to critical.
The security flaw was discovered by researchers over at the Google Threat Analysis Group and Amnesty International Security Lab, now confirmed by Qualcomm.
Some of the popular flagship chipsets listed in this bulletin are the Snapdragon 8 Gen 1, 8+ Gen 1, 8 Gen 2, 8+ Gen 2, and 8 Gen 3. Even the Snapdragon X65 5G modem that iPhone 14 models use as well as the Snapdragon X75 5G that the latest iPhone 16 use are at risk.
Even older Qualcomm chipsets like the Snapdragon 662, 680, 695, 765, 865+, 888, and 888+ are also affected by the vulnerability. From the looks of it, neither entry-level nor flagship-grade Qualcomm-using Android phones are safe. The vulnerability tagged CVE-2024-43047, in the report mentions,
The suggested course of action listed on America’s Cyber Defence Agency’s website is to, “apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.” Moreover, Qualcomm stated that it has shared the patch addressing this vulnerability with OEMs and alerted them to roll it out to users as soon as possible.
Now, although iPhones are using Qualcomm’s affected 5G modems, it’s unclear whether they are at risk too. Moreover, it was mostly individuals affected by said vulnerability in hacking campaigns. The motive behind exploiting this vulnerability in Android phones is also unclear. Hopefully, more concrete details about the affected users will surface online in the coming days.
For now, all you can do is hope that you get the zero-day vulnerability patch from your phone maker at the earliest. With cyberattacks increasing at an unprecedented scale globally, companies need to buckle up and conduct active audits of their security systems to detect such vulnerabilities. What do you think about the entire debacle of Qualcomm’s chipset vulnerability? Drop your thoughts in the comments down below.