Security News > 2020 > December > 'Long-standing vulns' in 5G protocols open the door for attacks on smartphone users

'Long-standing vulns' in 5G protocols open the door for attacks on smartphone users
2020-12-18 10:30

Some 5G networks are at risk of attack thanks to "Long-standing vulnerabilities" in core protocols, according to infosec researchers at Positive Technologies.

"The stack of technologies in 5G potentially leaves the door open to attacks on subscribers and the operator's network. Such attacks can be performed from the international roaming network, the operator's network, or partner networks that provide access to services," the biz said.

It also highlighted the HTTP/2 protocol, which it said contained vulns that could allow malicious people to "Impersonate any network service" - damaging telco customers' trust in the network - as well as deleting vital network function profiles, the uses of which are explained in depth here.

We also think 5G security could be better, says EU. Separately, the EU cybersecurity agency ENISA published a highly technical report this week into 5G security, setting out what it sees as important vulnerabilities to be fixed in the technologies underpinning 5G networks, both at the radio access and core layers.

Perhaps unsurprisingly, ENISA also concluded that it needs a greater role in 5G security efforts across the 27-member political bloc, stating: "It is essential that the EU continues to facilitate the definition of common security standards across 5G Networks and its use cases by supporting further cooperation and information sharing among Member States." .


News URL

https://go.theregister.com/feed/www.theregister.com/2020/12/18/5g_security_enisa_positive_technologies/