ronald1985
https://zentalk.asus.com/en/discussion/comment/166087#Comment_166087
Unfortunately I kind of disagree, but I am happy to be challenged/corrected.
When an OEM updates firmwares, it does not automatically mean the drivers will be updated to the latest and in this case, Qualcomm modem.
Now, I cannot find proof whether it is up to date, but the nearest I can get to is the OpenGL ES version (don't know if it uses the same drivers as the modem) and this was updated on 04/07/2020.
On contrast of that, it's only 30% of the phones, which does make you wonder the drivers were already up to date.
View post
Now you're making things up. The driver is not vulnerable at all. What happens here is that the hacker can inject through the Android OS malicious code into the modem hence exploiting this vulnerability.
The 30% means ALL quallcomm devices. Remember, most budget phones use mediatek or other chipsets, only the high end / middle end segment uses qualcomm, which makes about 30% of all android smartphones.
The real problem however is that security patches don't mean the same for all devices, for instance a device with a security patch from may 2021 might not even contain the fix. Lets take samsung as a prime example here:
https://security.samsungmobile.com/securityPost.smsbAs you can see some samsung smartphones already had the fix since january, some only got the fix in the first may patch, while other models have not recived the fix yet despite being on latest may patch which can be read on their statement:
While a number of Samsung devices have already been patched starting in January of 2021, most Samsung devices with an Android Security Patch Level of May 1, 2021 or later, will be considered protected from the disclosed vulnerability. Samsung encourages all users to ensure their devices are updated once the patch becomes available for the devices.
I bolded the most important word, Samsung as usual very careful with their wording
😉
