• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Critical Vulnerability Found in Motorola’s Unisoc Chips

You are here: Home / General Cyber Security News / Critical Vulnerability Found in Motorola’s Unisoc Chips
June 6, 2022

Cyber-threat intelligence firm Checkpoint Investigate (CPR) spotted a critical vulnerability in the Unisoc Tiger T700 chips that electric power the Motorola Moto G20, E30, and E40 smartphones.

The elements, which replaced MediaTek’s chips in the aforementioned products owing to world wide shortages, have been marked as danger vectors thanks to a stack overflow vulnerability.

Far more particularly, owing to the flaw, the smartphones had been observed omitting the look at to make absolutely sure that the modem’s link handler was examining a legitimate IMSI or very similar subscriber ID when connecting to an LTE network.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Simply because of this, the handler examine a zero-digit subject and established stack overflow circumstances that could block the person from working with the LTE network and be exploited for a denial of support (DoS) attack or for remote code execution.

Added information and facts about the vulnerability was introduced by CPR in a dedicated report, in which the business reported it disclosed the findings to Unisoc in May possibly 2022.

“In this analyze, CPR did a fast analysis of the Unisoc baseband to obtain a way to remotely attack Unisoc equipment,” the paper reads.

“We reverse-engineered the implementation of the LTE protocol stack and identified a vulnerability that could be employed to deny modem solutions and block communications.”

The vulnerability was presented a critical score of 9.4 out of 10 but was reportedly patched by Unisoc in Could 2022. Furthermore, CPR claimed Google confirmed that they would be publishing the patch in the upcoming Android Security bulletin.

Even though there haven’t been reports of the vulnerability staying exploited, the flaw signifies a pressing issue, specially simply because Unisoc processors are usually made use of in funds smartphones, which do not usually get regular updates.

The news of the Unisoc vulnerability in Motorola units will come months soon after the phone company was underneath the highlight in the US as the country’s governing administration billed a telecommunications corporation in China with conspiring to steal trade secrets from Motorola.


Some components of this report are sourced from:
www.infosecurity-magazine.com

Previous Post: «Cyber Security News State-Backed Hacker Believed to Be Behind Follina Attacks in the EU and US
Next Post: #RSAC: The Changing Work of the Cyber-Threat Intelligence Community Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
  • How to Interpret the 2023 MITRE ATT&CK Evaluation Results
  • Iranian Nation-State Actor OilRig Targets Israeli Organizations
  • High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
  • Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
  • Mysterious ‘Sandman’ Threat Actor Targets Telecom Providers Across Three Continents
  • Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
  • The Rise of the Malicious App
  • China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
  • Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers

Copyright © TheCyberSecurity.News, All Rights Reserved.