- UNISOC chip affected by a security and privacy flaw
- The vulnerability is associated with the UNISOC SC9863A chipset
- The chipset is prone to hackers, owing to an app, who could gain access to mobile phone
UNISOC SC9863A chipset is in the midst of the news for all the wrong reasons. The chipset, which can be found in several budget smartphones in India and elsewhere, has a critical security flaw, per Kryptowire, a provider of cloud-based mobile security and privacy solutions. The vulnerability is due to an app bundled with the UNISOC chipset, which if exploited, could allow hackers to get their hands on user data and the functionality of the device. The hacker can also use the vulnerability to control the external-facing camera or mic and remotely modify or erase data.
“The vulnerability allows intruders to access call and system logs, text messages, contacts, and other private data, video record the device’s screen or use the external-facing camera to record video, or even take control of the device remotely, altering or wiping data,” said Kryptowire, in a press statement. Kryptowire claims that it informed Chinese manufacturer UNISOC as well as the handset makers and wireless carriers of the flaw back in December; however, UNISOC hasn’t responded yet.
Alex Lisle, Chief Technical Officer, Kryptowire, said, “In an increasingly competitive mobile device market, it’s imperative that device manufacturers establish and maintain trust among carriers and end-users.”
![[Exclusive] OPPO K10 specifications revealed ahead of March 23rd India launch](https://www.91-cdn.com/hub/wp-content/uploads/2022/03/OPPO-K10-feat.jpg?tr=w-217,h-115,c-force,dpr-2/)
![[Exclusive] OnePlus 10R enters private testing in India, launch seems imminent](https://www.91-cdn.com/hub/wp-content/uploads/2022/03/OnePlus-10R.jpg?tr=w-217,h-115,c-force,dpr-2/)
Table of Contents
List of UNISOC SC9863A-powered smartphones
Here’s a list of smartphones that come powered by the UNISOC SC9853A chipset in India.
- Realme C11
- Samsung Galaxy A03 Core
- Nokia C01 Plus
- Nokia C20 Plus
- Nokia C30
- Gionee Max
- Gionee Max Pro
- itel A49
- LAVA Be U
- Tecno Pop 5 LTE
What can you do?
A Kryptowire spokesperson told TomsGuide that Nokia had fixed the vulnerability on the affected phones. However, there is no update on other UNISOC SC9863A-powered phones yet. Here’s what you can do if you have got those devices
- Download a good antivirus app: You can install an antivirus app to prevent malicious apps from being downloaded. Also, download apps from Google Play Store only. Avoid using any other platforms to download the app.
- Contact manufacturer or carrier: It’s advised to contact your smartphone manufacturer or carrier and check if they have done anything to fix this issue.
- If you can, stop using the smartphone until the issue is fixed.
