December 8, 2023 at 01:00PM
A set of security vulnerabilities in 5G mobile modems from major chipset vendors like MediaTek and Qualcomm, dubbed 5Ghoul, affects USB and IoT modems and numerous smartphone models. The vulnerabilities, disclosed by researchers from SUTD, could allow attacks that repeatedly drop connections or downgrade 5G connectivity. Patches have been released for most of the flaws, which also affect downstream product vendors.
The vulnerabilities lie in the firmware implementation of 5G mobile network modems from major chipset vendors like MediaTek and Qualcomm. Collectively named 5Ghoul, they impact USB and IoT modems, as well as numerous smartphone models running Android and iOS.
A total of 14 flaws have been identified, with 10 affecting 5G modems from both companies, and three classified as high-severity vulnerabilities. The vulnerabilities can be exploited to launch attacks that drop connections, freeze connections until the device is manually rebooted, or downgrade 5G connectivity to 4G.
These vulnerabilities impact a wide range of smartphone models from various brands, including Vivo, Xiaomi, Samsung, Apple, and others. The vulnerabilities were disclosed by the ASSET Research Group at the Singapore University of Technology and Design, which previously disclosed the BrakTooth and SweynTooth vulnerabilities.
The attacks attempt to deceive smartphones or 5G-enabled devices into connecting to a rogue base station, resulting in unintended consequences. Notably, CVE-2023-33042 can allow an attacker within radio range to trigger a 5G connectivity downgrade or a denial-of-service within Qualcomm’s X55/X60 modem firmware.
Patches have been released by both MediaTek and Qualcomm for 12 of the 14 flaws. However, details of the remaining two vulnerabilities have been withheld for confidentiality reasons and are expected to be disclosed in the future.
Issues in the implementation of 5G modems can also significantly impact downstream product vendors and delay the process of producing and distributing patches to end users. This is because product vendors depend on software from the modem/chipset vendors, which adds complexity and delays to the patch distribution process.