Security News > 2020 > June > GTP Vulnerabilities Expose 4G/5G Networks to High-Impact Attacks
Vulnerabilities in the GPRS Tunnelling Protocol expose 4G and 5G cellular networks to a variety of attacks, including denial-of-service, user impersonation, and fraud, Positive Technologies security researchers warn.
Some of the attacks may be performed with the simple use of a mobile phone and all of the tested networks were found vulnerable to DoS, impersonation, and fraud, the researchers say.
The tests revealed that the identified GTP vulnerabilities can be exploited via the inter-operator IPX network, and even from a mobile device in some cases.
With most 5G network deployments being non-standalone as of early 2020, they are vulnerable to disclosing subscriber information and the aforementioned DoS, impersonation, and fraud attacks.
To ensure subscribers are protected, operators should "Look closely at the GTP protocol, en-sure filtering at the GTP level, and deploy purpose-made security solutions," the researchers note.