A flaw in chipmaker Qualcomm’s mobile processor, used in 60 percent of Android mobiles, allows attackers to crack full disk encryption on the device. Only 10 percent of Android devices running Qualcomm processors are not vulnerable to this type of attack.
Researchers at Duo Labs said the vulnerability is tied to Android’s problem-plagued mediaserver component coupled with a security hole in Qualcomm’s Secure Execution Environment (QSEE). Together, these vulnerabilities could allow someone with physical access to the phone to bypass the full disk encryption (FDE).
The vulnerability, discovered by Gal Beniamini last week, builds off of earlier research by Beniamini and Duo Labs published in May. That’s when both highlighted a previously unpatched vulnerability (CVE-2016-2431) in Google’s mediaserver component. Google has since patched that vulnerability, but a large percentage of Android phones have yet to receive that update.