views
Cyber-security researchers on Thursday reported a critical security vulnerability in UNISOC’s smartphone chip being used for cellular communication in 11 per cent of the world’s smartphones.
Left unpatched, an attacker could exploit the vulnerability to neutralize or block cellular communication, according to Check Point Research, a cyber-security firm.
Also Read: Microsoft Surface Laptop Go 2 With 11th Gen Core i5 Processor Launched: Price, Specifications
UNISOC, formerly Spreadtrum Communications, is a Chinese fabless semiconductor company headquartered in Shanghai, which produces chipsets for mobile phones. The company has issued a patch to mitigate the vulnerability.
The team found the vulnerability in the modem firmware, not in the Android OS itself, that affects 4G and 5G UNISOC chipsets being used in several known brands in Africa and Asia. “Google will be publishing the patch in the upcoming Android Security Bulletin,” Check Point Research adds.
CPR disclosed its findings to UNISOC, who gave the vulnerability a score of 9.4 out of 10 (critical). The research marks the first time the UNISOC modem was reverse-engineered and investigated for vulnerabilities. A hacker or a military unit can leverage such a vulnerability to neutralise communications in a specific location.
Also Read: Facebook Messenger Now Has A Separate Tab For Calls
“An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker,” said Slava Makkaveev, Reverse Engineering and Security Research attorney at Check Point Software.
“There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be released by Google in their upcoming Android Security Bulletin,” Makkaveev added.
Read all the Latest Tech News here
Comments
0 comment