Check Point Research unveils vulnerability within UNISOC baseband chipset

Issue 3 2022 News & Events

UNISOC produces budget chipsets that power 2/3/4/5G devices ranging from smartphones to smart TVs. UNISOC is extremely popular in Africa and Asia due to its low-end prices. By the end of 2021, UNISOC was reported to be the fourth largest smartphone chip manufacturer globally (following MediaTek, Qualcomm and Apple), with an 11% global market share.

Despite the fact that UNISOC has been on the market for a long time, the UNISOC chip firmware, including the radio modem (AKA baseband), has not been studied extensively. There are no references for any UNISOC baseband vulnerabilities on the Internet to date, and this served as primary motivation for Check Point researchers.

The smartphone modem is a prime target for hackers as it can be potentially reached remotely through SMS or radio packets. Check Point Research discovered several vulnerabilities that can jeopardise the modems and other chip-related weaknesses that can put Android mobile users at risk.

Exploiting this vulnerability can be used to disrupt the device’s radio communication through a malformed packet. An attacker or even a military unit can use such a vulnerability to neutralise communications on the attacked devices.

Check Point Research reached out to the UNISOC teams in May 2022 and disclosed these findings. UNISOC acknowledged the findings and gave the vulnerability a 9.4 scoring (critical) and patched it. Google has said it will be publishing the patch in the upcoming Android security bulletin.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From the editor's desk: We’ve only just begun
Technews Publishing News & Events
The surveillance market has expanded far beyond the analogue days of just recording and/or monitoring screens. The capabilities of surveillance technology today extend to black screen monitoring with ...

Read more...
SAFPS issues SAPS impersonation scam warning
News & Events Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) is warning the public against a scam in which scammers pose as members of the South African Police Service (SAPS) and trick and intimidate individuals into handing over personal and financial information.

Read more...
Strong industry ties set Securex South Africa apart
News & Events Training & Education
Securex South Africa, co-located with A-OSH EXPO, Facilities Management Expo, and Firexpo, is a meeting place of minds, where leading security, safety, fire, and facilities professionals come together, backed by strong ties with the industry’s most influential bodies.

Read more...
Connected commercial drone market to reach US$37.3 billion
News & Events Commercial (Industry) IoT & Automation
The global market for connected commercial drones is forecast to grow from US$18.6 billion in 2024 at a compound annual growth rate (CAGR) of 15% to reach US$37.3 billion in 2029

Read more...
Phishing attacks through SVG image files
Kaspersky News & Events Information Security
Kaspersky has detected a new trend: attackers are distributing phishing emails to individual and corporate users with attachments in SVG (Scalable Vector Graphics) files, a format commonly used for storing images.

Read more...
Fully-integrated browser AI
News & Events
Opera Mini now provides all its smartphone users with its own free built-in browser AI, Aria, including AI chat, Ask Aria and image generation. According to an Opera survey, 80% of South Africans want AI tools integrated into their browser.

Read more...
Amendments to the Private Security Industry Regulations
Technews Publishing Agriculture (Industry) News & Events Associations
SANSEA, SASA, National Security Forum, CEO, TAPSOSA, and LASA oppose recently published Amendments to the Private Security Industry Regulations regarding firearms.

Read more...
Local innovation driving excellence in FM
Securex South Africa News & Events
As organisations seek cost-effective, sustainable, and high-quality solutions, home-grown facilities management innovation is proving to be a critical driver of operational efficiency and long-term success.

Read more...
PIV-ready High Sec Controller 7000
News & Events
Gallagher Security announced the release of the latest addition to its controller product range; the High Sec Controller 7000, which incorporates all the core functions of the C7000 Standard variant released less than 18 months ago.

Read more...