Zero-day exploits found in Android VoIP

News
By
published

Multiple security concerns raised

Vulnerabilities found in Android VoIP
(Image credit: Shutterstock)

Chinese researchers have found no less than nine zero-day vulnerabilities in how Android handles VoIP in its more recent versions.

The researchers stated that most security investigations focus on network infrastructure and apps, whereas they decided to look at Android’s VoIP integration. 

What they found were flaws that could allow a malicious user to:

  • Deny voice calls
  • Spoof the caller ID
  • Make unauthorized call operations
  • Remotely execute code

The main problem areas were the VoLTE and VoWiFi functions of Android.

The researchers submitted their findings to Google, who confirmed them with bug bounty awards.

The flaws were discovered through a novel combination of on-device Intent/API fuzzing, network-side packet fuzzing, and targeted code auditing.

They discovered that the problems were present from Android version 7.0 to the more recent 9.0, two-thirds of which could be exploited by a network-side adversary due to incompatible processing between VoIP and PSTN calls.

According to the researchers, the security consequences of the vulnerabilities are "serious", though Google is shortly expected to release a patch.

However, it's not the first time VoIP vulnerabilities have made the headlines in recent weeks. A report last month found that telecoms giant Avaya had failed to apply a patch to a known vulnerability in its own phone system, even though it was made available 10 years ago.

Android security woes

The news comes only days after we reported on a zero-day exploit in the Android kernel, which could allow a malicious hacker to gain root access to Android phones.

This vulnerability was patched in Android, kernel versions 3.18, 4.14, 4.4 and 4.9, but not in more recent ones.

The problem for users is that Google's Threat Analysis Group (TAG) confirmed that this vulnerability had already been used in real-world attacks. However, it does require a malicious app to already be installed and running on the user's phone.

Via ZDNet

Brian Turner
Brian Turner

Brian has over 30 years publishing experience as a writer and editor across a range of computing, technology, and marketing titles. He has been interviewed multiple times for the BBC and been a speaker at international conferences. His specialty on techradar is Software as a Service (SaaS) applications, covering everything from office suites to IT service tools. He is also a science fiction and fantasy author, published as Brian G Turner.

Latest in Phone & Communications
ThinkPhone 25 by Motorola
I reviewed the ThinkPhone 25 by Motorola and while it's not as fast as its predecessor, it's the superior phone in so many ways
FRITZ!Box 7690 WiFi 7 Router
FRITZ!Box tries to embrace both business and home customers with its new 7690 router
Ulefone Armor Pad 4 Ultra Thermal
Other than screen reflection, I’m still looking for the downside to the Ulefone Armor Pad 4 Ultra Thermal tablet
Unihertz Tank Pad 8849
Carrying the Unihertz Tank Pad 8849 provided me with a full workout
Doogee Fire 6
The Doogee Fire 6 is another rugged retro SoC phone that fails to justify its cost or your interest
AGM H Max
AGM H Max rugged phone review
Latest in News
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
Apple iPhone 16 Review
Three iPhone 17 model dummy units appear in a hands-on video leak
The Samsung Galaxy S25 Edge on display the January 22, 2025 Galaxy Unpacked event.
New Samsung Galaxy S25 Edge may have revealed some key details – including its price
More about phone communications
ThinkPhone 25 by Motorola

I reviewed the ThinkPhone 25 by Motorola and while it's not as fast as its predecessor, it's the superior phone in so many ways
FRITZ!Box 7690 WiFi 7 Router

FRITZ!Box tries to embrace both business and home customers with its new 7690 router
Image of GTA 6 protagonists and PS5

GTA 6's console-only launch reminds me of how much I despise console exclusivity - is it worth waiting years for PC ports?
See more latest
Most Popular
Samsung NAND
Well, that's unexpected: Samsung will team up with its fiercest Chinese rival to produce next gen NAND flash
MacBook Air mute key
The new M4 MacBook Air finally fixes an Apple keyboard annoyance that's been around for decades
Gaming with AI
I asked Gemini to play a text-based adventure game with me and the AI whisked me away to a word-based fantasy
A collage of Ellie and Joel in The Last of Us season 2
The Last of Us season 2's new trailer teases a huge showdown between Bella Ramsey's Ellie and Pedro Pascal's Joel, but the big moment I'm waiting for is still being held back
Molecular hard drive
Chinese researchers are looking to create a revolutionary type of hard drive based on organic materials but huge unknowns remain
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 10 (game #1141)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 10 (game #372)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 10 (game #638)
Apple iPhone 16 Pro Max REVIEW
New iPhone 17 Air leak may have revealed some key specs – and how it compares to the iPhone 17 Pro Max
Dynabook Portégé Z40L-N
Dynabook's newest laptop has a 4-year warranty, a swappable battery, a weight of under 1 kg, and even a LAN port