CVE-2020-11261: Some Details
If exploited successfully, the flaw could cause memory corruption when a malicious app requests access to the device’s memory. According to Google, the vulnerability has been used in targeted attacks.
It should be mentioned that the CVE-2020-11261 vulnerability can only be exploited locally, as it requires local access to the device. This means that an attack is only possible if the threat actor has physical access. Another attack initiation scenario is using the so-called watering hole approach. This strategy requires knowing the websites the victim visits in order to infect them with malware.
Google hasn’t provided any details on the targeted attacks, most probably to prevent other threat actors from exploiting the flaw.
Previous Qualcomm Vulnerabilities Affecting Android
In 2020, a severe Qualcomm vulnerability affecting Android was also disclosed. Called Achilles, the vulnerability was defined as a collection of over 400 bugs in the embedded Qualcomm chipsets. The core of the issues was a disruption in the DSP processor functions, which caused improper handling of the most important features of the Android device: process execution, charging, and multimedia execution.
Threat actors could use the Achilles bug in different distribution campaigns, from directly creating malicious files to using payload carriers and spam email messages.
In 2019, a chain of two security bugs (CVE-2015-6639 and CVE-2016-2431) was discovered in the Qualcomm Secure World virtual processor, which could be exploited to leak financial information.