Cyber security researchers on Thursday reported a critical security vulnerability in UNISOC’s smartphone chip, which is used for mobile communications in 11 percent of the world’s smartphones.
Without a patch, an attacker could exploit the vulnerability to neutralize or block mobile communications, according to Check Point Research, a cybersecurity firm.
Also read: Microsoft Surface Laptop Go 2 with 11th generation Core i5 processor launched: Price, specifications
UNISOC, formerly Spreadtrum Communications, is a Chinese-based semiconductor company headquartered in Shanghai that produces chipsets for mobile phones. The company has released a patch to mitigate the vulnerability.
The team found the vulnerability in the modem’s firmware, not in the Android OS itself, which affects 4G and 5G UNISOC chipsets used in several well-known brands in Africa and Asia. “Google will release the patch in the upcoming Android Security Bulletin,” adds Check Point Research.
CPR revealed its findings to UNISOC, which gave the vulnerability a score of 9.4 out of 10 (critical). The research marks the first time that the UNISOC modem was reverse-engineered and examined for vulnerabilities. A hacker or a military entity can exploit such a vulnerability to neutralize communications in a particular location.
Also read: Facebook Messenger now has a separate tab for calls
“An attacker could have used a radio station to send a malformed packet that would reset the modem and deprive the user of the ability to communicate. Without updating, mobile communications could be blocked by an attacker,” said Slava Makkaveev, reverse engineering and security research lawyer at Check Point. Software.
“There is nothing for Android users to do right now, although we strongly recommend using the patch that will be released by Google in their upcoming Android Security Bulletin,” Makkaveev added.
Read all the latest news, breaking news and IPL 2022 Live Updates here.