A team of researchers from the Singapore University of Technology and Design (SUTD) has identified multiple vulnerabilities in 5G modems used in over 710 smartphone models. This discovery, which affects devices from major manufacturers, has exposed a critical weakness in the infrastructure of the latest telecommunications technology.
The vulnerabilities, collectively termed “5Ghoul” by the researchers, were found in the 5G modems of two leading chipmakers, Qualcomm and Mediatek. Of the 14 vulnerabilities identified, ten are linked to these companies’ products, with three classified as high severity. The researchers have opted to withhold details of two vulnerabilities for security reasons.
These security gaps primarily enable attackers to execute denial-of-service (DoS) attacks. By exploiting these vulnerabilities, an attacker can disrupt the network connectivity of the targeted devices, causing the modems to crash and necessitating a complete device restart to regain 5G connectivity. The attack can be launched using a malicious 5G base station within the radio range of the target device, and it does not require any information about the victim’s SIM card. This is because the attack can be carried out before the completion of the NAS authentication process.
The scope of this issue is extensive, impacting 714 smartphone models from renowned brands such as Samsung, Oneplus, Oppo, Vivo, Xiaomi, Motorola, Sony, Asus, Huawei, Nokia, and LG. Notably, Qualcomm chips are found in 670 of these models, accounting for 94 percent of the affected devices.
According to a report by Bleeping Computer, Qualcomm and Mediatek had provided security updates to smartphone manufacturers two months prior to address these vulnerabilities. Both chipmakers have issued security bulletins naming the 5Ghoul vulnerabilities. However, the distribution of these updates poses a challenge, particularly within the Android ecosystem. Many users, especially those with older or less expensive smartphone models, may face delays in receiving the updates or might not receive them at all.