Critical Vulnerability Found in Motorola’s Unisoc Chips

Cyber-threat intelligence firm Checkpoint Research (CPR) spotted a critical vulnerability in the Unisoc Tiger T700 chips that power the Motorola Moto G20, E30 and E40 smartphones.

The components, which replaced MediaTek’s chips in the aforementioned devices due to global shortages, have been marked as threat vectors due to a stack overflow vulnerability.

More specifically, due to the flaw, the smartphones were seen omitting the check to make sure that the modem’s connection handler was reading a valid IMSI or similar subscriber ID when connecting to an LTE network.

Because of this, the handler read a zero-digit field and created stack overflow conditions that could block the user from using the LTE network and be exploited for a denial of service (DoS) attack or for remote code execution.

Additional information about the vulnerability was released by CPR in a dedicated report, in which the firm said it disclosed the findings to Unisoc in May 2022.

“In this study, CPR did a quick analysis of the Unisoc baseband to find a way to remotely attack Unisoc devices,” the paper reads.

“We reverse-engineered the implementation of the LTE protocol stack and discovered a vulnerability that could be used to deny modem services and block communications.”

The vulnerability was given a critical score of 9.4 out of 10 but was reportedly patched by Unisoc in May 2022. Additionally, CPR said Google confirmed that they would be publishing the patch in the upcoming Android Security bulletin.

While there haven’t been reports of the vulnerability being exploited, the flaw represents a pressing issue, particularly because Unisoc processors are often used in budget smartphones, which do not always receive frequent updates.

The news of the Unisoc vulnerability in Motorola devices comes months after the phone manufacturer was under the spotlight in the US as the country’s government charged a telecommunications company in China with conspiring to steal trade secrets from Motorola.

Credit: Source link

Comments are closed.