June 2 — A team of cyber security researchers has identified a vulnerability in UNISOC’s baseband chipset that, if exploited, could deny and block communication of mobile phones. The researchers have since disclosed the information to appropriate company representatives, who have acknowledged the vulnerability, assigned a CVE and rolled out a patch with which to resolve it.
UNISOC’s baseband chipset vulnerability
UNISOC produces budget chipsets that power a number of different types of devices; from smartphones to smart TVs. Because of low-end prices, the company is particularly popular among enterprises in lower income countries.
THe UNISOC chipsets retain roughly 11% of global market share, competing with MediaTek, Qualcomm and Apple.
Although UNISOC has existed on the market for quite some time, the UNISOC chip firmware has not received extensive attention. To-date, internet searches do not show any references pertaining to UNISOC baseband vulnerabilities. This information void prompted cyber security researchers to start exploring UNISOC products.
According to cyber security researchers, the smartphone modem represents a prime target for attackers and it can be reached remotely via SMS or radio packet. A series of vulnerabilities can potentially jeopardize the modem and other chip-related weaknesses can potentially place Android mobile users at-risk.
For a deep-dive into the UNISOC vulnerabilities, see Check Point Software’s blog. Lastly, to receive cutting-edge cyber security news, exclusive interviews, expert analyses and security resources, please sign up for the CyberTalk.org newsletter.