Security News > 2023 > December > New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips

New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips
2023-12-08 15:23

A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impact 710 5G smartphone models from Google partners and Apple, routers, and USB modems.

The researchers discovered the flaws while experimenting with 5G modem firmware analysis and report that the flaws are easy to exploit over-the-air by impersonating a legitimate 5G base station.

Attackers can send an invalid downlink MAC frame to the target 5G UE from a nearby malicious gNB, leading to a temporary hang and modem reboot.

CVE-2023-33042: Disabling 5G/Downgrade via Invalid RRC pdcch-Config in Qualcomm X55/X60 modems, leading to either downgrade or denial of service.

An attacker can send a malformed RRC frame during the RRC Attach Procedure, disabling 5G connectivity and requiring a manual reboot for restoration.

Signs of a 5Ghoul attack include loss of 5G connections, inability to re-connect until the device is rebooted, and consistent drop to 4G despite the availability of a 5G network in the area.


News URL

https://www.bleepingcomputer.com/news/security/new-5ghoul-attack-impacts-5g-phones-with-qualcomm-mediatek-chips/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-12-05 CVE-2023-33042 Improper Input Validation vulnerability in Qualcomm products
Transient DOS in Modem after RRC Setup message is received.
network
low complexity
qualcomm CWE-20
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Qualcomm 2226 0 255 1139 510 1904
Mediatek 56 0 39 45 13 97