Zero-day exploits found in Android VoIP

Vulnerabilities found in Android VoIP
(Image credit: Shutterstock)

Chinese researchers have found no less than nine zero-day vulnerabilities in how Android handles VoIP in its more recent versions.

The researchers stated that most security investigations focus on network infrastructure and apps, whereas they decided to look at Android’s VoIP integration. 

What they found were flaws that could allow a malicious user to:

  • Deny voice calls
  • Spoof the caller ID
  • Make unauthorized call operations
  • Remotely execute code

The main problem areas were the VoLTE and VoWiFi functions of Android.

The researchers submitted their findings to Google, who confirmed them with bug bounty awards.

The flaws were discovered through a novel combination of on-device Intent/API fuzzing, network-side packet fuzzing, and targeted code auditing.

They discovered that the problems were present from Android version 7.0 to the more recent 9.0, two-thirds of which could be exploited by a network-side adversary due to incompatible processing between VoIP and PSTN calls.

According to the researchers, the security consequences of the vulnerabilities are "serious", though Google is shortly expected to release a patch.

However, it's not the first time VoIP vulnerabilities have made the headlines in recent weeks. A report last month found that telecoms giant Avaya had failed to apply a patch to a known vulnerability in its own phone system, even though it was made available 10 years ago.

Android security woes

The news comes only days after we reported on a zero-day exploit in the Android kernel, which could allow a malicious hacker to gain root access to Android phones.

This vulnerability was patched in Android, kernel versions 3.18, 4.14, 4.4 and 4.9, but not in more recent ones.

The problem for users is that Google's Threat Analysis Group (TAG) confirmed that this vulnerability had already been used in real-world attacks. However, it does require a malicious app to already be installed and running on the user's phone.

Via ZDNet

Brian Turner

Brian has over 30 years publishing experience as a writer and editor across a range of computing, technology, and marketing titles. He has been interviewed multiple times for the BBC and been a speaker at international conferences. His specialty on techradar is Software as a Service (SaaS) applications, covering everything from office suites to IT service tools. He is also a science fiction and fantasy author, published as Brian G Turner.

Latest in Phone & Communications
GlocalMe KeyTracker
When I tested this global tracker, it trounced the Apple AirTag in so many ways
Privacy Hero II
Privacy Hero II VPN Router
ThinkPhone 25 by Motorola
I reviewed the ThinkPhone 25 by Motorola and while it's not as fast as its predecessor, it's the superior phone in so many ways
FRITZ!Box 7690 WiFi 7 Router
FRITZ!Box 7690 router review
Ulefone Armor Pad 4 Ultra Thermal
Ulefone Armor Pad 4 Ultra Thermal rugged tablet review
Unihertz Tank Pad 8849
Unihertz Tank Pad 8849 rugged tablet review
Latest in News
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring