A family of 5G modem vulnerabilities, collectively known as 5Ghoul, have posed security risks to hundreds of devices using connectivity hardware from Qualcomm and MediaTek.
Researchers from the Singapore University of Technology and Design first wrote about the vulnerabilities after the two chipmakers disclosed information about 5Ghoul in their December bulletins, following a responsible disclosure period.
Smartphones, Customer-premises Equipment (CPE) routers, and USB modems could all be exposed to the lengthy list of vulnerabilities that have so far been identified.
How secure is your 5G device?
To date, the researchers have identified 12 new vulnerabilities on top of two that had already been identified. Ten of those affect 5G modems from Qualcomm and MediaTek, in turn affecting more than 710 different smartphone models including popular iPhone devices.
Furthermore, three of the 10 affecting Qualcomm and MediaTek modems have been designated high severity status.
Threat actors can use the vulnerabilities to deceive a 5G-enabled device to connect to a rogue base station. The researchers summarize:
“Once the attacker is sufficiently close to the target [user equipment - UE] and the Received Signal Strength Indicator (RSSI) of the adversarial [rogue 5G base station - gNB] is higher than the legitimate gNB, the target UE will connect to the adversarial gNB.”
The report also notes: “The attacker does not need to be aware of any secret information of the target UE e.g., UE’s SIM card details, to complete the NAS network registration. The attacker only needs to impersonate the legitimate gNB using the known Cell Tower connection parameters (e.g., SSB ARFCN, Tracking Area Code, Physical Cell ID, Point A Frequency).”
Qualcomm and MediaTek have already issued fixes to many of the vulnerabilities, however many end users are yet to see the results. An Android patch is set to arrive this month, while iPhone users look like they’ll have to wait until 2024 according to the report.
TechRadar Pro has asked Google and Apple to share more information about updates that are set to become available to end users, but neither company has responded yet.
More from TechRadar Pro
- Apple’s 5G modem looks destined for the iPhone 18
- Looking for an upgrade? Here are the best business smartphones
- Get a security boost with the best endpoint protection and best firewalls