Experts from the ASSET Research Group (ARG) at the Singapore University of Technology and Design have discovered 14 serious vulnerabilities in the firmware of 5G modems affecting major chipmakers MediaTek and Qualcomm. The detected vulnerabilities pose a threat to the most popular smartphone brands, as well as other wireless communication devices. The report was published in the official gazette Web site ARG.
As experts explain, a set of vulnerabilities under the generic name 5Ghoul affects 714 smartphone models from Apple, Google, Samsung, Huawei, Nokia, Sony, Xiaomi, OPPO, Asus, Meizu, ZTE, Motorola, OnePlus and a dozen other leading brands.
ARG found that with the help of 5Ghoul, attackers can intercept communications and freeze connections, as well as reduce data transfer speeds from 5G to 4G. In some cases, the consequences of the attack can only be eliminated by manually rebooting the device.
Attacks via 5Ghoul vulnerabilities are based on simulating the operation of a communication base station. A hacker who creates a fake signal source only needs to wait for the 5G device to connect to it before they can affect its operation.
MediaTek and Qualcomm have already released patches to fix 12 of the 14 identified vulnerabilities. Information about the remaining two problems remains confidential for now.
Hackers before learned Intercept and decrypt user information via Bluetooth.