The alarm comes from Check Point Research (Cpr), the Threat Intelligence division of Check Point Software Technologies (leading provider of cybersecurity solutions globally): the privacy of two thirds of Android users around the world is at risk. The company has in fact identified vulnerabilities in the audio decoders of Qualcomm and MediaTek, the two largest manufacturers of mobile chips. Unpatched, the flaws would lead a hacker to gain remote access to media and audio conversations. CPR estimates that more than two-thirds of phones worldwide have been found to be vulnerable.
History
The Android revolution is called Niagara: these are the interfaces of the future
by Antonio Dini
Not only that: the vulnerability could be used by a hacker for a remote code execution (RCE) on a mobile device through a malformed audio file. And an RCE attack can run malware for a hacker by gaining control over a user’s media data, including streaming from the compromised device’s camera.