TR-21-0390 (Qualcomm Mobile Chips Zafiyeti)

Genel Bilgi

Qualcomm mobil işlemcilerde güvenlik zafiyeti tespit edilmiştir.

Etki

Mevcut güvenlik açıklığı nedeniyle bu çipi kullanan akıllı telefonların saldırıya uğraması ihtimal dahilindedir. İlgili zafiyetlerin kodları şöyledir:

CVE-2020-11292 ve CVE-2021-21551

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), kullanıcı ve sistem yöneticilerine yüksek önemde olduğu belirtilen zafiyet için Qualcomm Güvenlik Bildirimleri sayfasını incelemerini ve gerekli önlemleri almaları tavsiye etmektedir.

Kaynaklar

https://www.securitynewspaper.com/2021/05/06/vulnerabilities-in-qualcomm-mobile-chips-expose-smartphones-from-samsung-xiaomi-oneplus-and-lg/

https://threatpost.com/qualcomm-chip-bug-android-eavesdropping/165934/

https://threatpost.com/dont-trust-android-oem-patching-claims-researcher/131183/

https://www.itsecuritynews.info/qualcomm-bug-impacts-about-30-of-all-smartphones/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ItSecurityNewsAggregated+%28IT+Security+News%29

https://www.itsecuritynews.info/qualcomm-snapdragon-855-modem-code-flaw-exposed-android-smartphones-to-possible-snooping/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ItSecurityNewsAggregated+%28IT+Security+News%29

https://www.androidpolice.com/2021/05/06/qualcomm-modem-vulnerability-could-let-hackers-listen-to-your-calls-on-millions-of-android-phones/

https://www.techinvestornews.com/https://www.techinvestornews.com/Mobile/Latest-Mobile-News/new-qualcomm-modem-vulnerability-affects-40-of-devices-according-to-researc

https://www.techspot.com/news/89583-qualcomm-chips-hundreds-millions-android-phones-have-critical.html

https://www.techspot.com/news/86699-blurtooth-vulnerability-opens-millions-bluetooth-devices-mitm-attacks.html

https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp

https://www.securitynewspaper.com/2021/05/06/vulnerabilities-in-qualcomm-mobile-chips-expose-smartphones-from-samsung-xiaomi-oneplus-and-lg/

2021-05-07



Kaynak