Silent Circle plugs security hole in Blackphone that could give attacker control of phone


Source: Silent Circle

Silent Circle, maker of the highly secure Blackphone, depends on the secure reputation of its phone to attract government agencies and enterprise users.

So it moved purposefully to plug a security hole in Blackphone that could enable an attacker to gain remote control of the phone by exploiting a vulnerability in the phone's Icera modem made by nVidia.

The security hole was uncovered by researchers at SentinelOne, who informed Silent Circle in August about the problem. Silent Circle asked SentinelOne to submit the issue to the Bugcrowd bug bounty program. The flaw was fixed in Patch 1.1.13 RC3, which was pushed out in early December.

Blackphone provides users control over app permissions, such as the bundled Silent Phone and Silent Text services that anonymize and encrypt communications.

During a reverse engineering process, the researchers uncovered an open and accessible socket on the Blackphone, wrote Tim Strazzere, director of mobile research at SentinelOne, in a blog post Wednesday.

If an attacker were able to successfully exploit the vulnerability, he or she would be able to send and receive text messages, dial or connect calls, check the state of phone calls, reset phone settings, enable call forwarding, mute the phone, and other actions.

"This vulnerability illustrates the breadth and depth of the attack surface on this and other devices," Strazzere wrote. He added that the increasing use of third-party technology, in this case the Icera modem supplied by nVidia, makes it more difficult to detect and fix security problems.

nVidia announced last year that it was phasing out its Icera modem business.

For more:
- read the SentinelOne blog post

Related Articles:
Silent Circle launches Blackphone 2 with enterprise-friendly features
Spotlight: Blackphone maker integrates devices, software with SOTI EMM platform
Blackphone gets enterprise makeover; Silent Circle adds tablet to lineup