A mobile security firm has raised an alert for users who have purchased smartphones powered by UNISOC chipset. These chipsets contain a serious security flaw that allows bad actors to access the system and call logs, text messages, contacts and other private data. Keep reading to learn more about the error and the devices that can be affected by it.
On March 15, 2022, Cryptowire, a mobile security and privacy solutions company, announced that they have “identified a critical security and privacy vulnerability affecting mobile devices with UNISOC, the designer of China’s largest chips for mobile phones”. ” Adding to this, the firm says that “vulnerabilities within the chipset, if exploited, allow malicious actors to take control of user data and device functionality.” This is bad news for Android smartphones running on UNISOC chipset in India too.
A security bug in UNISOC chips has put a large number of Android devices at risk
In addition to gaining access to multiple device controls, the vulnerability allows intruders to record activities that occur on the smartphone’s screen or remotely control the device. Cryptowire mentioned in its release that it has already notified the manufacturers and carriers as well as Unisock in December 2021. It is not clear at the moment whether the companies have addressed the issue.
After tie-ups with several smartphone makers, UNISOC began providing chipsets for several models. For example, the Realme C11 launched in 2021 comes with a UNISOC chipset. The price of the smartphone is Rs. With 7,556 on Flipkart and close to two lakh ratings on the platform, the actual number of users who have bought the smartphone is huge. Another smartphone of the same company, Realme C21Y, is currently available on Flipkart for Rs 10,499. It is also powered by the UNISOC T610 chipset.
It has got two lakh ratings on the e-commerce platform. Additionally, Motorola e40 and Nokia C01 Plus are another popular smartphone powered by UNISOC chipset. Based on this, there are many users whose information could be at risk. Since the error is directly linked to the chipset, not much can be done to avoid cyber attacks.
