A collection of security flaws known as 5Ghoul has been discovered in the firmware of 5G modems from major chipset vendors such as MediaTek and Qualcomm [3]. These vulnerabilities affect USB and IoT modems [2] [3] [4], as well as numerous smartphone models running Android and iOS [1] [2] [3] [4].


Of the 14 vulnerabilities found, 10 have been publicly disclosed, with three classified as high-severity [2] [3] [4]. These vulnerabilities can be exploited to launch attacks that drop connections [2] [3], freeze connections so that a manual reboot is required [2] [3], or downgrade 5G connectivity to 4G [1] [2] [3]. A total of 714 smartphones from 24 brands [1] [3], including Vivo [1] [2] [3] [4], Xiaomi [1] [2] [3] [4], Samsung [1] [2] [3] [4], Apple [1] [2] [3] [4], and Google [1] [2] [3] [4], are affected [3]. The attacks involve tricking devices into connecting to a rogue base station [3], resulting in unintended consequences [2] [3].

One notable vulnerability [2], CVE-2023-33042 [1] [2] [4], allows an attacker within radio range to trigger a 5G connectivity downgrade or denial-of-service (DoS) in Qualcomm’s X55/X60 modem firmware by sending a malformed Radio Resource Control (RRC) frame [2] [4]. MediaTek and Qualcomm have released patches for 12 of the vulnerabilities [1] [2], while details of the remaining two vulnerabilities will be disclosed in the future [3] [4]. However, it can take several months for 5G security patches to reach end-users via OTA updates due to the complexity and dependencies involved in the patching process [2].


These security flaws have significant impacts on the affected devices, potentially leading to dropped connections, frozen connections [1] [2] [3], or downgraded connectivity [1] [2] [3]. Mitigations are being implemented through the release of patches by MediaTek and Qualcomm. However, the process of distributing these patches to end-users can be time-consuming. It is important for users to stay vigilant and update their devices as soon as the patches become available. The discovery of these vulnerabilities also highlights the ongoing need for robust security measures in the development and implementation of 5G technology.


[1] https://jn66dataanalytics.com/news/new-5g-modems-flaws-affect-ios-devices-and-android-models-from-major-brands-the-hacker-news
[2] https://owasp.or.id/2023/12/08/new-5g-modems-flaws-affect-ios-devices-and-android-models-from-major-brands/
[3] https://thehackernews.com/2023/12/new-5g-modems-flaws-affect-ios-devices.html
[4] https://ciso2ciso.com/new-5g-modems-flaws-affect-ios-devices-and-android-models-from-major-brands-sourcethehackernews-com/