Israeli security firm Check Point Research recently disclosed a flaw in Qualcomm’s Mobile Station Modem that affects millions of Android phones worldwide. According to the firm, attackers can exploit this flaw to gain access to your text messages and phone calls, and even unlock your SIM card in some cases.
While Qualcomm claims that it had already issued a fix back in December last year, the catalog number assigned to the vulnerability (CVE-2020-11292) has not appeared in any Android security bulletin since then. So, it isn’t exactly clear how many devices have received the patch over the last few months. Thankfully, Samsung has now announced that it has been releasing the fix to affected Galaxy phones since January 2021 and all devices with an Android Security Patch Level of May 2021 or later “will be considered protected from the disclosed vulnerability.”
In a recent post on its Mobile Security page, Samsung wrote:
“Security researchers at Check Point have reported a vulnerability within Qualcomm’s modem chipsets affecting select Samsung devices. The vulnerability disclosed by Check Point may allow a malicious app to gain access to device user information. Samsung Android devices with Qualcomm chipsets are affected by the vulnerability disclosed by Check Point, and Samsung has been releasing patches for affected select Samsung devices since January of 2021.”
The post further mentions that Samsung Galaxy devices with Qualcomm chips that have received the May 2021 security update have been patched already. The company also encourages users to install the latest security patches as soon as they’re available to ensure that their phones are protected.
For the unaware, Samsung has already started rolling out the May 2021 security patches to the Galaxy S21 series, the Galaxy Note 20 series, the Galaxy S20 series, the Galaxy Z Flip 5G, and the Galaxy Fold 5G. The company has also released the security update to a couple of mid-range devices, including the Galaxy A50 and the Galaxy A51, in select regions.