Audio codec flaw left two-thirds of Android smartphones vulnerable to spying
Major chipset makers ported vulnerable code into their audio decoders, potentially leaving half the world's Android devices open to remote code execution (RCE) attacks.
Security researchers at Check Point discovered that Android devices running on Qualcomm and MediaTek chips were vulnerable to RCE attacks. The vulnerability was discovered within the Apple Lossless Audio Codec (ALAC).
According to Check Point, the ALAC, an audio coding format, was introduced by Apple in 2004 and made open source by late 2011. Even though Apple has been updating the proprietary version of the decoder, the shared code has not been patched since 2011.
Researchers claim that many third-party vendors use the Apple-supplied code as the basis for ALAC implementations, and it's unlikely that they maintain the external code.
"Check Point Research has discovered that Qualcomm and MediaTek, two of the largest mobile chipset makers in the world, ported the vulnerable ALAC code into their audio decoders, which are used in more than half of all smartphones worldwide," reads the report.
Data from the last quarter of 2021 shows that Qualcomm and MediaTek together hold 66% of the global smartphone market.
Researchers discovered that a potential attacker could use the ALAC flaw for an RCE attack on a mobile device through malformed code on a computer.
Worryingly, the range of the attack covers anything from malware execution to gaining control over users' multimedia data, including streaming from victims' device's camera.
"In addition, an unprivileged Android app could use these vulnerabilities to escalate its privileges and gain access to media data and user conversations," claim the reports' authors.
Researchers disclosed the information to chip makers and said both vendors have worked closely to resolve the issue.
Comments
Your email address will not be published. Required fields are markedmarked