Security researchers have discovered an exploit in the Nexus 6 and Nexus 6P devices which permits hackers to take over the devices’ modem. Thankfully, it has been silently patched.
These patches were launched prior to revealing this exploit to the public. The Nexus 6 received the update in November while the Nexus 6P gained the same patch early this month.
A team from IBM’s X-Force were the first to find out about these exploits. They discovered a loophole in the bootmode of the Nexus devices that allows a take over of the modem during the bootup process.
However, it did require that these devices have the Android Debug Bridge (ADB) turned on, which is usually on done by app developers to load APKs on Android devices.
Having said that, the crew from X-Force revealed that there were alternate ways that could enable the ADB despite the user setting it as disabled in the settings.
This could lead to the attackers placing phone calls or robbing call information from the devices. They could also find out the device’s precise GPS coordinates. Fortunately, this problem has been solved.
Well, Google deserves a pat on its back.