Researchers have discovered a way to use shared resources on SoCs as bridges to launch lateral privilege escalation attacks.
A new research paper has been published revealing that an attacker can extract passwords and manipulate web traffic on a Wi-Fi chip by targeting the Bluetooth component of mobile devices featuring multiple wireless technologies. Smartphones, tablets and other modern mobile devices feature Systems on a Chip (SoC) that contain separate Bluetooth, Wi-Fi and LTE components each with their own dedicated security implication. However, these components often share many of the same resources like a device’s antenna or wireless spectrum. Researchers from the University of Darmstadt, Brescia, CNIT and the Secure Mobile Networking Lab have discovered that it’s possible to use these shared resources as a bridge for launching lateral privilege escalation attacks across wireless chip boundaries according to a new report from Bleeping Computer.
