Researchers find critical bug in Unisoc smartphone chip
Cyber-security researchers on Thursday (June 2, 2022) reported a critical security vulnerability in Unisoc‘s smartphone chip being used for cellular communication in 11 per cent of the world’s smartphones.
Left unpatched, an attacker could exploit the vulnerability to neutralise or block cellular communication, according to Check Point Research, a cyber-security firm.
Unisoc, formerly Spreadtrum Communications, is a Chinese fabless semiconductor company headquartered in Shanghai, which produces chipsets for mobile phones.
The company has issued a patch to mitigate the vulnerability.
The team found the vulnerability in the modem firmware, not in the Android OS itself, that affects 4G and 5G Unisoc chipsets being used in several known brands in Africa and Asia.
“Google will be publishing the patch in the upcoming Android Security Bulletin,” said Check Point Research.
CPR disclosed its findings to Unisoc, who gave the vulnerability a score of 9.4 out of 10 (critical).
The research marks the first-time the Unisoc modem was reverse-engineered and investigated for vulnerabilities.
A hacker or a military unit can leverage such a vulnerability to neutralise communications in a specific location.
“An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker,” said Slava Makkaveev, Reverse Engineering and Security Research attorneys at Check Point Software.
“There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be released by Google in their upcoming Android Security Bulletin,” Makkaveev added.
FacebookTwitterLinkedin
Cyber-security researchers on Thursday (June 2, 2022) reported a critical security vulnerability in Unisoc‘s smartphone chip being used for cellular communication in 11 per cent of the world’s smartphones.
Left unpatched, an attacker could exploit the vulnerability to neutralise or block cellular communication, according to Check Point Research, a cyber-security firm.
Unisoc, formerly Spreadtrum Communications, is a Chinese fabless semiconductor company headquartered in Shanghai, which produces chipsets for mobile phones.
The company has issued a patch to mitigate the vulnerability.
The team found the vulnerability in the modem firmware, not in the Android OS itself, that affects 4G and 5G Unisoc chipsets being used in several known brands in Africa and Asia.
“Google will be publishing the patch in the upcoming Android Security Bulletin,” said Check Point Research.
CPR disclosed its findings to Unisoc, who gave the vulnerability a score of 9.4 out of 10 (critical).
The research marks the first-time the Unisoc modem was reverse-engineered and investigated for vulnerabilities.
A hacker or a military unit can leverage such a vulnerability to neutralise communications in a specific location.
“An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker,” said Slava Makkaveev, Reverse Engineering and Security Research attorneys at Check Point Software.
“There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be released by Google in their upcoming Android Security Bulletin,” Makkaveev added.
FacebookTwitterLinkedin
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.