A new vulnerability of Android phones that lets Bluetooth and USB accessories access the handsets has come to light. According to a report by TechCrunch, a total of 10 smartphones including Google Pixel 2 and Samsung Galaxy S8+ have been affected by this vulnerability.
The research tested 10 different smartphones from six vendors with 6 different Android versions. These are Samsung Galaxy Note 2 (running on Android version 4.3), Samsung Galaxy S3 (running on Android version 4.3), LG G3 (running on Android version 6.0), HTC Desire 10 Lifestyle (running on Android version 6.0.1), LG Nexus 5 (running on Android version 5.1.1), Motorola Nexus 6 (Android version 6.0.1), Huawei Nexus 6P (running on Android version 6.0), Samsung Galaxy S8+ (running on Android version 8.0.0), Huawei P8 Lite (running on Android version 5.0.1) and Google Pixel 2 (running on Android version 8.0.0)
As per the report, this vulnerability is found in the interface that is used to communicate with the baseband firmware — which is the software that is used in the process of making calls or using the internet. This baseband that is otherwise inaccessible, is vulnerable in some Android phones and can allow an attacker to run commands on a connected Android phone.”
The report however suggests that not all the vulnerable smartphones are manipulated in the same way. For instance, the Galaxy S8+ could be tricked into leaking critical information such as IMEI number and redirect phone calls to another phone and downgrade their cellular connection. Other devices, however, were found to be not as vulnerable “but were susceptible to commands that could be used to block internet connectivity and phone calls.”
“If your smartphone is connected with a headphone or any other Bluetooth device, the attacker can first exploit the inherent vulnerabilities of the Bluetooth connection and then inject those malformed AT commands,” the researchers said. AT commands are the commands that are accepted by the baseband firmware.