In theory, a “Quadrooter attack” can give the perpetrator full access to all information stored in the phone, right down to administrator level.
The security holes are present in all mobile phones based on Qualcomm chips. Qualcomm has already been a major player in the industry and their chip is estimated to be in over 900 million mobile phones and tablets.
Affected devices include:
- US versions of the Samsung Galaxy S7 and Samsung S7 Edge
- Sony Xperia Z Ultra
- Oneplus One, Oneplus 2 and Oneplus 3
- Google Nexus 5X, Nexus 6 and Nexus 6P
- Blackberry Priv and Dtek50
- HTC One, HTC M9 and HTC 10
- LG G4, LG G5, and LG V10
- Motorola New Moto X
Checkpoint says it forwarded information about the bugs to Qualcomm earlier this year. According to information, Qualcomm should have patches ready for delivery and have fixed the security flaws in newly produced chips. Said patches must have been distributed further to mobile manufacturers and operators.
However, there is no information on which manufacturers made these available to consumers.