Critical Vulnerability in UNISOC Devices Patched

UNISOC vulnerability

UNISOC-chip Android Phones are Vulnerable to Remote Modem-Targeting Attacks

In May 2022, the UNISOC company was informed by Check Point Research specialists about a critical vulnerability present in UNISOC chipset devices. The flaw was confirmed by the manufacturer and patched.

The vulnerability revelation happened after reverse-engineering of UNISOC LTE protocols (long-term evolution, wireless connection standard for “mobile Internet”). Unpatched firmware gives potential hackers an opportunity for a remote attack leading to modem denial of service or even blocking communications on the targeted devices. A portable device modem can be attacked in several ways, both by radio signal of the required frequency or by a message with mediation of the user.

The vulnerability in question is a problem with Android devices, and it was rated critical. Google has acknowledged the threat and will issue a respective patch in an upcoming Android Security Bulletin. Keeping your device’s software updated remains one of the best recipes for its security.

UNISOC is a Shanghai-headquartered manufacturer of chipsets mainly for mobile devices. Praised for the low price of its products, UNISOC is holding 11% of the market, yielding positions only to MediaTek, Qualcomm and Apple. This vulnerability story is the first case of a critical program flaw detected in the company’s products and a result of the first thorough independent research aimed at finding such defects.

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.

View all of Stephanie Adlam's posts.

Leave a comment

Your email address will not be published.