• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
critical unisoc chip vulnerability affects millions of android smartphones

Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

You are here: Home / General Cyber Security News / Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones
June 2, 2022

A critical security flaw has been uncovered in UNISOC’s smartphone chipset that could be perhaps weaponized to disrupt a smartphone’s radio communications through a malformed packet.

“Still left unpatched, a hacker or a army unit can leverage these kinds of a vulnerability to neutralize communications in a precise site,” Israeli cybersecurity firm Examine Stage mentioned in a report shared with The Hacker Information. “The vulnerability is in the modem firmware, not in the Android OS alone.”

UNISOC, a semiconductor company based in Shanghai, is the world’s fourth-largest mobile processor manufacturer right after Mediatek, Qualcomm, and Apple, accounting for 10% of all SoC shipments in Q3 2021, in accordance to Counterpoint Exploration.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


CyberSecurity

The now-patched issue has been assigned the identifier CVE-2022-20210 and is rated 9.4 out of 10 for severity on the CVSS vulnerability scoring method.

In a nutshell, the vulnerability — discovered pursuing a reverse-engineering of UNISOC’s LTE protocol stack implementation — relates to a case of buffer overflow vulnerability in the element that handles Non-Obtain Stratum (NAS) messages in the modem firmware, resulting in denial-of-provider.

CyberSecurity

To mitigate the risk, it is suggested that consumers update their Android units to the most current accessible software program as and when it gets offered as element of Google’s Android Security Bulletin for June 2022.

“An attacker could have used a radio station to send out a malformed packet that would reset the modem, depriving the user of the chance of interaction,” Examine Point’s Slava Makkaveev explained.

Uncovered this report intriguing? Abide by THN on Facebook, Twitter  and LinkedIn to browse more distinctive information we submit.


Some elements of this post are sourced from:
thehackernews.com

Previous Post: «sidewinder hackers use fake android vpn apps to target pakistani SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities
Next Post: 10 Companies Chosen to Test Next-Generation Cybersecurity Technologies Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Unveils Ransomware Notification Initiative
  • WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
  • GitHub Updates Security Protocol For Operations Over SSH
  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet

Copyright © TheCyberSecurity.News, All Rights Reserved.