Three security vulnerabilities have been disclosed in the audio decoders of Qualcomm and MediaTek chips that, if left unresolved, could allow an adversary to remotely gain access to media and audio conversations from affected mobile devices.
According to Israeli cybersecurity firm Check Point, the issues could be used as a launchpad to carry out remote code execution (RCE) attacks simply by sending a specially crafted audio file.
“The impact of an RCE vulnerability can range from malware execution to an attacker gaining control over a user’s multimedia data, including streaming from a compromised machine’s camera,” the researchers said in a report shared with The Hacker News.

“In addition, an unprivileged Android app could use these vulnerabilities to escalate its privileges and gain access to media data and user conversations.”
The vulnerabilities are rooted in an audio coding format originally developed and open-sourced by Apple in 2011. Called the Apple Lossless Audio Codec (ALAC) or Apple Lossless, the audio codec format is used for lossless data compression of digital music.
Since then, several third-party vendors, including Qualcomm and MediaTek, have used the Apple-supplied reference audio codec implementation as the basis for their own audio decoders.
And while Apple has consistently patched and remediated security flaws in its proprietary version of ALAC, the open-sourced variant of the codec has not received a single update since it was uploaded to GitHub 11 years ago on October 27, 2011.
The vulnerabilities discovered by Check Point relate to this ported ALAC code, two of which have been identified in MediaTek processors and one in Qualcomm chipsets:
- CVE-2021-0674 (CVSS score: 5.5, MediaTek) – A case of improper input validation in ALAC decoder leading to information disclosure without any user interaction
- CVE-2021-0675 (CVSS score: 7.8, MediaTek) – A local privilege escalation flaw in ALAC decoder stemming from out-of-bounds write
- CVE-2021-30351 (CVSS score: 9.8, Qualcomm) – An out-of-bound memory access due to improper validation of number of frames being passed during music playback
In a proof-of-concept exploit devised by Check Point, the vulnerabilities made it possible to “steal the phone’s camera stream,” said security researcher Slava Makkaveev, who is credited with discovering the flaws alongside Netanel Ben Simon.
Following responsible disclosure, all three vulnerabilities were closed by the respective chipset manufacturers in December 2021.
“The vulnerabilities were easily exploitable,” Makkaveev explained. “A threat actor could have sent a song (media file) and when played by a potential victim, it could have injected code in the privileged media service. The threat actor could have seen what the mobile phone user sees on their phone.”
Some parts of this article are sourced from:
thehackernews.com