December 11, 2023 at 04:18PM
Academic researchers from the ASSET Research Group at the Singapore University of Technology and Design have identified 14 security defects, collectively known as 5Ghoul, affecting over 700 smartphone models with specific 5G modems. These vulnerabilities can be exploited to disrupt and freeze 5G connections and affect various devices, requiring patches to address them.
From the given meeting notes, we can extract the following key takeaways:
1. Researchers from the ASSET Research Group at the Singapore University of Technology and Design have identified and highlighted 14 security vulnerabilities collectively known as 5Ghoul, affecting numerous smartphone models utilizing specific 5G modems, primarily from Qualcomm and MediaTek.
2. These vulnerabilities can be exploited to disrupt 5G connections, conduct downgrading attacks, and force devices to manual reboot.
3. Exploiting the 5Ghoul vulnerabilities relies on a malicious base station (gNB) that distracts vulnerable devices and manipulates their connections, with the potential for exploitation over-the-air by using software defined radio (SDR) equipment.
4. The impact of these vulnerabilities is significant, as they affect the radio resource control (RRC) attach procedure, authentication process, and other critical stages of communication between UE and gNB.
5. Patches for the 5Ghoul vulnerabilities are expected to be delivered to Android smartphones this month, while Apple devices will receive fixes later. Qualcomm and MediaTek have already acknowledged these vulnerabilities in their security bulletins.
6. More than 700 smartphone models are affected, with a significant impact on devices from Vivo, Xiaomi, Oppo, Samsung, and Honor, along with a smaller percentage of iPhones. Furthermore, industrial IoT solutions utilizing vulnerable 5G modems, such as Qualcomm’s 315 5G IoT modem, are at risk as well.
It is vital to monitor the deployment of patches and ensure that affected devices are promptly updated to mitigate the potential risks associated with the 5Ghoul vulnerabilities.