• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

You are here: Home / General Cyber Security News / Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones
June 2, 2022

UNISOC Chip

A critical security flaw has been uncovered in UNISOC’s smartphone chipset that could be perhaps weaponized to disrupt a smartphone’s radio communications through a malformed packet.

“Still left unpatched, a hacker or a army unit can leverage these kinds of a vulnerability to neutralize communications in a precise site,” Israeli cybersecurity firm Examine Stage mentioned in a report shared with The Hacker Information. “The vulnerability is in the modem firmware, not in the Android OS alone.”

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


UNISOC, a semiconductor company based in Shanghai, is the world’s fourth-largest mobile processor manufacturer right after Mediatek, Qualcomm, and Apple, accounting for 10% of all SoC shipments in Q3 2021, in accordance to Counterpoint Exploration.

CyberSecurity

The now-patched issue has been assigned the identifier CVE-2022-20210 and is rated 9.4 out of 10 for severity on the CVSS vulnerability scoring method.

In a nutshell, the vulnerability — discovered pursuing a reverse-engineering of UNISOC’s LTE protocol stack implementation — relates to a case of buffer overflow vulnerability in the element that handles Non-Obtain Stratum (NAS) messages in the modem firmware, resulting in denial-of-provider.

CyberSecurity

To mitigate the risk, it is suggested that consumers update their Android units to the most current accessible software program as and when it gets offered as element of Google’s Android Security Bulletin for June 2022.

“An attacker could have used a radio station to send out a malformed packet that would reset the modem, depriving the user of the chance of interaction,” Examine Point’s Slava Makkaveev explained.

Uncovered this report intriguing? Abide by THN on Facebook, Twitter  and LinkedIn to browse more distinctive information we submit.


Some elements of this post are sourced from:
thehackernews.com

Previous Post: «sidewinder hackers use fake android vpn apps to target pakistani SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities
Next Post: 10 Companies Chosen to Test Next-Generation Cybersecurity Technologies Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • 10 Companies Chosen to Test Next-Generation Cybersecurity Technologies
  • Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones
  • SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities
  • DOJ Seizes 3 Web Domains Used to Sell Stolen Data and DDoS Services
  • Europol Confirms Takedown of SMS-based FluBot Spyware
  • The EU’s Apple App Store crackdown ‘will fuel cyber attacks’
  • Connecticut Becomes Fifth US State to Enact Consumer Privacy Law
  • New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email
  • FluBot Android Spyware Taken Down by Global Law Enforcement Operation
  • YODA Tool Found ~47,000 Malicious WordPress Plugins Installed in Over 24,000 Sites

Copyright © TheCyberSecurity.News, All Rights Reserved.