Security News > 2023 > December > New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips
A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impact 710 5G smartphone models from Google partners and Apple, routers, and USB modems.
The researchers discovered the flaws while experimenting with 5G modem firmware analysis and report that the flaws are easy to exploit over-the-air by impersonating a legitimate 5G base station.
Attackers can send an invalid downlink MAC frame to the target 5G UE from a nearby malicious gNB, leading to a temporary hang and modem reboot.
CVE-2023-33042: Disabling 5G/Downgrade via Invalid RRC pdcch-Config in Qualcomm X55/X60 modems, leading to either downgrade or denial of service.
An attacker can send a malformed RRC frame during the RRC Attach Procedure, disabling 5G connectivity and requiring a manual reboot for restoration.
Signs of a 5Ghoul attack include loss of 5G connections, inability to re-connect until the device is rebooted, and consistent drop to 4G despite the availability of a 5G network in the area.
News URL
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-12-05 | CVE-2023-33042 | Improper Input Validation vulnerability in Qualcomm products Transient DOS in Modem after RRC Setup message is received. | 7.5 |