Notebookcheck Logo
, , , , , ,
search relation.
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
 

Broadcomm WiFi can be hacked on iPhone and several modern Android phones

This is the second time this year that a broadcom WiFi chip has caused security issues. (Source: Business Insider)
This is the second time this year that a broadcom WiFi chip has caused security issues. (Source: Business Insider)
A Black Hat researcher has found a vulnerability with Broadcom wireless chips used in various phones including iPhone, Nexus, and Galaxy S phones. This bug allows a hacker to overflow the memory in the wireless chip and execute code in the device memory. Apple and Google have patched the flaw, but will third party manufacturers push the update to their devices?
Craig Ward,
Android Apple ARM Fail Galaxy S iPhone iPhone 7 Security Smartphone Software Touchscreen

A particularly worrisome smartphone vulnerability has been made public at the recent Black Hat Conference 2017 in Las Vegas. This bug is a reason for concern because of the sheer number of devices it affects — phones running Broadcom BCM43xx WiFi modules — a list which includes all models of the Apple iPhone 5 and newer, Google Nexus 5/6/6X/6P, Samsung Note 3, and Samsung Galaxy S3-S8.

When an infected device detects another using the compromised Broadcom chip, it utilizes a poorly written piece of code which allows data sent to the WiFi chip to overflow from its memory into other device memory where it can run as a command. Apple and Google were made aware of this security flaw before it was released to the public, and both have written patches that help stop the firmware flaw in the Broadcom chip from compromising the operating system. If your phone is running the latest version of iOS or has the July Android security patches, then you're protected.

Now Android's fragmentation problem shows again. Apple and Google have direct links to their phones, allowing them to patch any models affected, but adding a middleman in the process brings delays. We don't know if the older Galaxy phones will get the patch, or if other manufacturers have used the problematic Broadcom chips which might never update their phones. Problems like these and the way companies deal with them play a large part in whether security conscious people still buy third party phones, or if they shift their focus towards first party offerings.

Source(s)

static version load dynamic
Loading Comments
Comment on this article
Craig Ward
Craig Ward - Tech Writer - 397 articles published on Notebookcheck since 2017
I grew up in a family surrounded by technology, starting with my father loading up games for me on a Commodore 64, and later on a 486. In the late 90's and early 00's I started learning how to tinker with Windows, while also playing around with Linux distributions, both of which gave me an interest for learning how to make software do what you want it to do, and modifying settings that aren't normally user accessible. After this I started building my own computers, and tearing laptops apart, which gave me an insight into hardware and how it works in a complete system. Now keeping up with the latest in hardware and software news is a passion of mine.
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2017 07 > Broadcomm WiFi can be hacked on iPhone and several modern Android phones
Craig Ward, 2017-07-30 (Update: 2017-07-31)