A collection of vulnerabilities has been discovered in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm. These vulnerabilities, collectively dubbed “5Ghoul,” impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS. Successful exploitation of these vulnerabilities could allow attackers to:
- Drop connections: Attackers could continuously launch attacks to cause repeated drops in network connectivity, effectively denying users access to cellular data and mobile internet.
- Freeze connections: The vulnerabilities could be exploited to freeze device connections, requiring users to manually reboot or downgrade their firmware.
- Gain access to sensitive data: In some cases, attackers could potentially exploit these vulnerabilities to gain access to sensitive data stored on the device.
The 5Ghoul vulnerabilities were discovered by researchers from Check Point Research, who have responsibly disclosed the findings to the affected vendors. Patches are currently being developed and are expected to be released in the coming weeks.
The exact number of affected devices is unknown, but researchers estimate that hundreds of millions of smartphones and other devices could be vulnerable. Some of the specific devices known to be affected include:
- iOS: iPhones 12 and 13 series, iPads Pro (2021 and 2022)
- Android: Samsung Galaxy S22 series, Google Pixel 6 and 6 Pro, Xiaomi Mi 12 and 12 Pro
The 5Ghoul vulnerabilities represent a significant risk to the security and privacy of users of affected devices. If exploited, these vulnerabilities could allow attackers to disrupt or even completely disable cellular data connectivity, potentially leading to significant economic losses and even safety risks. Additionally, attackers could potentially use these vulnerabilities to gain access to sensitive data stored on the device.
What to Do:
Users of affected devices are urged to update their firmware to the latest version as soon as patches become available. This will help to mitigate the risk of exploitation. In the meantime, users can also take steps to protect themselves by using strong passwords and avoiding connecting to untrusted Wi-Fi networks.