Security vulnerabilities named "5Ghoul" have been discovered in 5G modems developed by Qualcomm and MediaTek. They have a widespread impact, affecting approximately 710 5G smartphone models from Google's Android partners and Apple, as well as routers and USB modems that use these modems.
The 5Ghoul vulnerabilities may be exploited to continuously launch attacks that drop connections, freeze the connection in a way that requires a manual reboot, or downgrade 5G connectivity to 4G, the researchers said in a published study.
The vulnerabilities were disclosed by a team of researchers from the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), who also previously disclosed BrakTooth in September 2021 and SweynTooth in February 2020. Of the 14 flaws, ten affect 5G modems from the two companies, and three of those have been classified as high-severity vulnerabilities.
As many as 714 smartphones from 24 brands are impacted, including those from Vivo, Xiaomi, OPPO, Samsung, Honor, Motorola, realme, OnePlus, Huawei, ZTE, Asus, Sony, Meizu, Nokia, Apple, and Google.
The researchers discovered the flaws while experimenting with 5G modem firmware analysis. They reported that the flaws are easy to exploit over the air by impersonating a legitimate 5G base station.
This applies even when attackers lack information about the target's SIM card, as the attack occurs before the NAS authentication step.
"The attacker does not need to be aware of any secret information of the target UE, e.g., UE's SIM card details, to complete the NAS network registration," explain the researchers on their website. The attacker only needs to impersonate the legitimate gNB using the known Cell Tower connection parameters.
Notable among the 14 flaws is CVE-2023-33042, because it can force a device to disconnect from a 5G network and fall back to 4G, where potential vulnerabilities in the 4G domain expose it to a broader range of attacks.
The DoS flaws among these vulnerabilities cause devices to lose all connectivity until rebooted. This is less critical, although it can still have significant implications in mission-critical environments that rely on cellular service.
Both MediaTek and Qualcomm have released patches for 12 of the 14 flaws. Details of the two other vulnerabilities have been withheld for confidentiality reasons and are expected to be disclosed in the future.
Finding issues in the implementation of the 5G modem vendor heavily impacts product vendors downstream, the researchers said, adding that it can often take six or more months for 5G security patches to reach the end user via an OTA update.
If you're overly worried about the 5Ghoul flaws, the only practical solution is to avoid using 5G entirely until fixes are available.