China-based semiconductor firm Unisoc has recently come to prominence with multiple major manufacturers using its SoCs in their budget range devices. Now, Check Point Research has revealed that the Unisoc smartphone chips have a critical security vulnerability.
According to the firm, The issue exists in the modem firmware and affects 4G and 5G Unisoc chipsets. The issue, tracked as CVE-2022-20210, was discovered while scanning Non-Access Stratum (NAS) message handlers. This vulnerability could be exploited to neutralize or block the cellular communication capabilities of the device.
Slava Makkaveev, Reverse Engineering and Security Research attorney at Check Point Software said “An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker.”
The vulnerability was detected on a Motorola Moto G20 running the Unisoc T700 chipset and Android January 2022 security patch. The vulnerability, however, exists on other devices using Unisoc chipsets too. Check Point Research disclosed its findings to Unisoc in May. The China-based chipmaker acknowledged the vulnerability upon the receipt of disclosure and issued a patch.
Makkaveev also stated that “There is nothing for Android users to do right now, though we strongly recommend applying a patch that will be released by Google in their upcoming Android Security Bulletin.” So, it is advisable to update your Unisoc SoC smartphones to the latest software version when the next patch arrives.
RELATED:
- Moto E32 launched with 90Hz display, Unisoc T606, 5,000mAh battery
- Nokia G21 launched in India with 90Hz display, Unisoc T606 chip, and more
- ZTE Blade V40 Vita with Unisoc’s T606 SoC launched in Malaysia
