Vulnerability in Moto G20 and similar Android phones makes them easy targets for hackers

0comments
Vulnerability in Moto G20 and similar Android phones makes them easy targets for hackers
UNISOC may not be the first name that comes to mind when you think of Android chip makers, but it's actually a larger player than Samsung and Huawei. UNISOC chips were found in 11 percent of the phones shipped in Q4 2021, making it the fourth-largest vendor. The company makes affordable chips that are found in many popular budget phones meant for Asia and Africa. Check Point Research has found a vulnerability in UNISOC chips that makes phone communication vulnerable to remote hacker attacks.

Perhaps because UNISOC has been overshadowed by the likes of Qualcomm and MediaTek, its chip firmware used in Android smartphones has not been studied extensively, which is probably why this vulnerability went unnoticed all this time.

Since the smartphone modem is easy to access remotely via SMS or a radio packet, it is often targeted by hackers. CPR did an analysis of the UNISOC baseband and discovered a loophole that could be used to block communications.

The evolved packet system (EPS), which is a high-level architecture of the Long-Term Evolution (LTE) tech, consists of three main components: the user equipment (UE), which is a smartphone in this example, the evolved UMTS terrestrial radio access network (E-UTRAN), and the evolved packet core (EPC), and they are all interconnected.

The E-UTRAN component has a stack called the eNodeB station which manages the communication between the UE and the EPC. One of EPC's stacks is the mobility management entity (MME), which controls the high-level operations of phones in the LTE network.

The MME stack and the UE stack rely on the EPS session management (ESM) and the EPS mobility management (EMM) protocols for communication, which are both hosted by the non-access stratum (NAS).

The thing with the NAS protocol is that it is more concerned with the wider system and thus, it's fairly easy for a bad actor to send an EMM packet with the potential to crash the UNISOC modem to the target device. This could lead to Denial of Service (DoS) or Remote Code Execution (RCE).

Recommended Stories
CPR used a Motorola Moto G20 which was on the January 2022 patch as a test device. It is powered by the UNISOC T700. They then harnessed the weaknesses of the system to mess with the NAS message data, which made it possible to carry out a DoS attack.

The outlet believes a hacker or military person can use vulnerabilities like this to "neutralize communications in a specific location."

UNISOC was informed about the problem with the baseband in May 2022 and it was patched quickly. Google will publish the patch in the next Android Security bulletin.

Every other day we hear about one loophole or the other, so it's recommended you always keep your phone up to date with security patches and make use of services like ExpressVPN to stay ahead of hackers.

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless