UNISOC smartphone chip

Check Point Research found the flaw. UNISOC chips provide cellular connectivity in 11% of all smartphones worldwide.

Check Point Research has discovered a significant security flaw in UNISOC’s smartphone chip, which is responsible for cellular connection in 11% of all cellphones on the market. The flaw was discovered in the UNISOC modem firmware, not the Android OS, according to the manufacturer.

UNISOC, previously Spreadtrum Communications, is a Shanghai-based semiconductor company that manufactures chipsets for mobile phones and smart televisions. If the vulnerability isn’t addressed, an attacker could use it to remotely restrict modem services and communications.

What smartphone chips are compromised?

According to CPR, the weakness affects 4G and 5G UNISOC chipsets, and Google will release a patch in the next Android Security Bulletin. CPR informed UNISOC of its findings, and UNISOC gave the vulnerability a rating of 9.4 out of 10. UNISOC has since addressed the issue, which is tracked as CVE-2022-20210.

The UNISOC modem is widely used for cellular communication throughout Africa and Asia. According to a blog post by CPR, the researchers discovered the flaw while analysing the UNISOC baseband to identify a way to attack UNISOC devices remotely. CPR says this was the first time the implementation of the LTE protocol stack had been reverse-engineered to look for security problems.

According to CPR, the top three chip makers for Android devices are UNISOC, MediaTek, and Qualcomm. CPR has studied Qualcomm’s TrustZone, DSP, and radio modem processors, as well as MediaTek’s TrustZone DSP, over the past three years.

Although UNISOC has been on the market for a long time, the chip firmware used in Android phones has not been thoroughly investigated, a CPR spokeswoman said on Wednesday. That was the reason for putting it to the test.

“According to the most recent figures, UNISOC’s sales have increased every quarter over the last year,” a CPR representative said. “We believe that when [the chip] grows more popular, hackers will turn their attention to UNISOC, just like they did with MediaTek and Qualcomm.”

Researchers discovered the vulnerability during a brief review of the message handlers in the NAS (Non-Access Stratum) protocol. A malformed packet can be used to disrupt the device’s radio transmission. According to CPR, a hacker or military unit can use such a flaw to disable communications in a specified place.

The smartphone’s modem is a prime target for hacking

Phone calls, SMS, and mobile Internet are all handled by the smartphone’s modem. By compromising it, an attacker can disable the modem’s functionality or obtain access to a user’s phone calls. “Hackers target the smartphone modem because it may be accessed remotely via SMS or a radio packet,” according to UNISOC. The company’s spokespersons said that modern cellphones are built on extremely complicated semiconductors.

“The UNISOC chip comprises a suite of specialised processors that segregate the device’s unique features while also reducing the burden on the main Android processor. As a result, a separate CPU and operating system are used to represent the radio modem on the chip.” As a test device, CPR used the Motorola Moto G20 with the Android January 2022 update. The UNISOC T700 chip is used in the gadget.

“An attacker might have utilised a radio station to broadcast a faulty packet that would reset the modem, preventing the user from communicating,” said Slava Makkaveev, a security researcher at Check Point Software. “At this time, there is nothing Android users can do; however, we strongly advise them to apply the patch that Google will provide in their next Android Security Bulletin.”

Check Point urges mobile users to always update their mobile phone OS to the latest available software.