Asia Tech Wire (Oct 14) -- Qualcomm has issued a security advisory stating that a potentially serious zero-day vulnerability - CVE-2024-43047 - exists in the Digital Signal Processor (DSP) service of up to 64 of its chipsets, and that the bug has shown limited and targeted signs of exploitation.

The vulnerability has a wide range of impact, involving Qualcomm FastConnect, Snapdragon and other series totaling 64 chipsets, covering smartphones, automotive, IoT devices and other areas.

Xiaomi, vivo, OPPO, HONOR and other Chinese cell phone manufacturers have adopted Qualcomm Snapdragon 4G/5G mobile platforms and related 5G modem-RF systems, and Apple's iPhone 12 series has also adopted the Snapdragon X55 5G modem-RF system.

Qualcomm has now provided patches to OEMs for issues affecting the FASTRPC driver and strongly recommends deploying the update on affected devices as soon as possible.