Check Point revealed all of this to Qualcomm last October calling it a high-rated vulnerability. The chip maker told the phone manufacturers that use Qualcomm’s modem chips. So far, the vulnerability has not been fixed and we can only hope that Qualcomm and Google will patch this in a future security update.
However, Qualcomm says that it did made fixes available to “many” Android phone manufacturers last December and that these firms passed along security updates to end users. The vulnerability will be part of the June Android bulletin.
Qualcomm issued a statement today that said, “Providing technologies that support robust security and privacy is a priority for Qualcomm. We commend the security researchers from Check Point for using industry-standard coordinated disclosure practices. Qualcomm Technologies has already made fixes available to OEMs in December 2020, and we encourage end users to update their devices as patches become available.”