Researchers find critical bug in UNISOC smartphone chip
New Delhi
02-June-2022
Cyber-security researchers on Thursday reported a critical security vulnerability in UNISOC's smartphone chip being used for cellular communication in 11 per cent of the world's smartphones.
Left unpatched, an attacker could exploit the vulnerability to neutralize or block cellular communication, according to Check Point Research, a cyber-security firm.
UNISOC, formerly Spreadtrum Communications, is a Chinese fabless semiconductor company headquartered in Shanghai, which produces chipsets for mobile phones.
The company has issued a patch to mitigate the vulnerability.
The team found the vulnerability in the modem firmware, not in the Android OS itself, that affects 4G and 5G UNISOC chipsets being used in several known brands in Africa and Asia.
"Google will be publishing the patch in the upcoming Android Security Bulletin," said Check Point Research.
CPR disclosed its findings to UNISOC, who gave the vulnerability a score of 9.4 out of 10 (critical).
The research marks the first-time the UNISOC modem was reverse-engineered and investigated for vulnerabilities.
A hacker or a military unit can leverage such a vulnerability to neutralize communications in a specific location.
"An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker," said Slava Makkaveev, Reverse Engineering and Security Research attorneys at Check Point Software.
"There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be released by Google in their upcoming Android Security Bulletin," Makkaveev added. - IANS
More Headlines
ED Attaches Rs 97.79 Crore Worth of Properties Belonging to Raj Kundra Under PMLA
ISRO's Former Director Cites Probability Theory in Support of Possible Alien Existence
Gaming Startup LightFury Raises $8.5 Million to Develop AAA Titles in India and UK
Wow! Momo Raises Rs 70 Crore, Following Rs 350 Crore Investment to Extend Growth
After Six Years of Profitable Bootstrapping, Medulance Raises Rs 25 Crore to Expand Nationally
ED Attaches Rs 97.79 Crore Worth of Properties Belonging to Raj Kundra Under PMLA
ISRO's Former Director Cites Probability Theory in Support of Possible Alien Existence
Gaming Startup LightFury Raises $8.5 Million to Develop AAA Titles in India and UK
Wow! Momo Raises Rs 70 Crore, Following Rs 350 Crore Investment to Extend Growth
After Six Years of Profitable Bootstrapping, Medulance Raises Rs 25 Crore to Expand Nationally