A group of researchers at the Singapore University of Technology and Design (SUTD) has uncovered several vulnerabilities in widely used 5G modems from chipmakers Qualcomm and Mediatek. The researchers claim in their reportto have identified more than 710 different smartphone models that are affected by the vulnerabilities. But the actual number could be even higher. In addition, some USB modems and routers are also affected.
The research team found a total of 14 vulnerabilities and summarized them under the term 5Ghoul. They attribute ten of these vulnerabilities to the 5G modems from Qualcomm and Mediatek, three of which are of high severity. The researchers have already discovered most of these security gaps, but they want to withhold two of them for security reasons.
5Ghoul enables denial of service
A look at the list of vulnerabilities reveals that they primarily enable so-called denial-of-service attacks (DoS). An attacker can temporarily disconnect vulnerable target devices from the network by causing the respective modem to crash. In some cases, a complete restart of the device is required in order to be able to establish a 5G connection again.
5Ghoul can be exploited relatively easily by deploying a malicious 5G base station within radio range of the target device. Information about the target person’s SIM card is not required. This is because an attack can be carried out via the 5Ghoul vulnerabilities before the NAS authentication process (Non-access stratum) is completed.
714 smartphones are vulnerable
The researchers identified a total of 714 smartphone models that are vulnerable to 5Ghoul. These include devices from well-known manufacturers such as Samsung, Oneplus, Oppo, Vivo, Xiaomi, Motorola, Sony, Asus, Huawei, Nokia and LG. 670 models – 94 percent – were equipped with chips from Qualcomm.
Like from one Report from Bleeping Computer As can be seen, Qualcomm and Mediatek probably provided the respective smartphone manufacturers with security updates two months ago in order to close the security gaps. Both chip manufacturers have on Monday Security bulletins publishedin which the 5Ghoul vulnerabilities are mentioned.
However, when it comes to the distribution of patches, the usual problems in the Android ecosystem are to be expected: many users will probably only receive the updates in a few weeks, and those with older and/or cheaper smartphone models may not receive them at all.