Millions of Android Smartphones are affected by a critical UNISOC chip vulnerability.

News Sand DC

A serious security weakness in UNISOC's smartphone chipset has been discovered, which might be used to interrupt a smartphone's radio connections by sending a faulty packet.

In research published with The Hacker News, Israeli cybersecurity firm Check Point stated, "If left unpatched, a hacker or a military force can utilise such a weakness to disable communications in a specific place." "The flaw is in the modem firmware, not the Android operating system."

According to Counterpoint Research, UNISOC, a Shanghai-based semiconductor business, is the world's fourth-largest mobile processor maker behind Mediatek, Qualcomm, and Apple, accounting for 10% of all SoC shipments in Q3 2021.

The CVE-2022-20210 designation has been issued to the now-patched vulnerability, which has a severity rating of 9.4 out of 10 on the CVSS vulnerability assessment system.

In a word, the flaw — which was identified after reverse-engineering UNISOC's LTE protocol stack implementation — is a buffer overflow vulnerability in the modem firmware component that processes Non-Access Stratum (NAS) signals, resulting in a denial-of-service attack.

Users should upgrade their Android devices to the latest available software as soon as it becomes available as part of Google's Android Security Bulletin for June 2022 to reduce the risk.

"An attacker might have utilised a radio station to deliver a faulty packet that reset the modem, preventing the user from communicating," said Slava Makkaveev of Check Point.

#buttons=(Accept !) #days=(20)

Our website uses cookies to enhance your experience. Learn More
Accept !