Hackers could disrupt millions of smartphones by abusing this critical bug

A flaw in a common modem chip has been discovered

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A serious vulnerability present in more than a tenth of the world’smobile phonescould allow threat actors to kill all communications in a certain location, researchers have found.

Security analysts from Check Point Research (CPR) found the flaw in the UNISOC modem which, as the researchers claim, can be found in 11% of all the smartphones in the world (predominantly in Africa and Asia).

The modem allows for cellular communication, and by leveraging the flaw, the attacker can remotely deny modem services and block communication.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Critical UNISOC modem vulnerability

The flaw is now being tracked as CVE-2022-20210, and carries a vulnerability score of 9.4 out of 10 as a reflection of its severity.

According to CPR, the vulnerability was discovered in NAS message handlers, which could be used to disrupt radio communication through a malformed packet. Apparently, military or state-sponsored hackers would be able to use it to kill all communications in specific locations.

Since the discovery of the flaw, apatchhas been issued, and all smartphone users are urged to keep their devices up to date at all times.

Google fixes “critical” Android 12 security flaw>Serious Qualcomm security flaw could have affected millions of phones>8 reasons why smartphones are privacy nightmare

“There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be released byGooglein their upcoming Android Security Bulletin,” said Slava Makkaveev, Reverse Engineering & Security Research at Check Point Software.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Although not as high-profile as software flaws, hardware flaws are just as frequent, and just as dangerous. Earlier this month, a security flaw was discovered in Qualcomm’s MSM chips, which could have allowed threat actors to access SMS messages and phone conversations in a third of the world’s Android endpoints.

This vulnerability, tracked as CVE-2020-11292, was also discovered by Check Point Research, who discovered it while using a process known as fuzzing to test Qualcomm’s mobile station modem (MSM) for flaws in its firmware.

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

LG Electronics sets ambitious B2B revenue goal to offset declining consumer demand