Android Flaw Affects Millions of Devices Going Back 5 Years

Exploiting the flaw requires the attacker to have physical access to an unlocked device, or, the victim can be tricked into installing a malicious application on the device.

Tara Seals

A widespread vulnerability has been discovered that affects Android devices going back a whopping five years. It gives attackers access to victims’ SMS databases and phone history, and allows them to access the internet—all undetected.

The issue affects both flagship and non-flagship devices that use Qualcomm chips and/or Qualcomm code, meaning that hundreds of models are affected and likely millions of gadgets. Mandiant’s Red Team has confirmed the vulnerability on devices running Lollipop (5.0), KitKat (4.4), and Jellybean MR2 (4.3) and Ice Cream Sandwich MR1 (4.0.3)—meaning that it’s mostly older devices that are affected.

To read the entire article, please click here.