A mobile security firm has raised alerts to users who have purchased smartphones powered by a UNISOC chipset. These chipsets have a critical security error that allows bad actors to access system and call logs, text messages, contacts and other private data. Keep reading to know more about the error and the devices that can be affected by it.
On March 15, 2022, a mobile security and privacy solutions company Kryptowire announced that they “have identified a critical security and privacy vulnerability affecting mobile devices with UNISOC, China’s largest designer of chips for mobile phones.” Adding to it, the firm says that “the vulnerability within the chipset, if exploited, allows malicious actors to take control over user data and device functionality.” This is bad news for Android smartphones that run on UNISOC chipsets, even in India.
A security bug in UNISOC chips has put a large number of Android devices in danger
Apart from gaining access to several device controls, the vulnerability allows intruders to record the activities happening on the screen of a smartphone or event taking control of the device remotely. Kryptowire mentioned in its release that it has already informed the manufacturers and carriers, as well as UNISOC, back in December 2021. Whether companies have addressed the issue or not is not clear at the moment.
After tie-ups with several smartphone manufacturers, UNISOC started providing chipsets for a number of models. For instance, the Realme C11 launched in 2021 comes with a UNISOC chipset. The smartphone is priced at Rs. 7,556 on Flipkart and has close to two lakh ratings on the platform, the actual number of users that would have purchased the smartphone being larger. Another smartphone from the same company, Realme C21Y is currently available on Flipkart for Rs 10,499. It is also powered by a UNISOC T610 chipset.
This one has two lakh ratings on the e-commerce platform. Additionally, another popular smartphone powered by a UNISOC chipset is the Motorola e40 and Nokia C01 Plus. Building upon that, there are a lot of users whose information could be in danger. Since the error is directly associated with the chipset, there is nothing much that can be done to stay clear of cyber attacks.