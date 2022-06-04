A critical security vulnerability in the UNISOC modem firmware (Chinese semiconductor company) was found by Check Point Research (CPR). The breach affects millions of Android mobile devices around the world, as by the end of 2021, the manufacturer had an 11% share of the global market. It produces chipsets that power connection equipment ranging from 2G to 5G.

According to the Threat Intelligence division of Check Point Software Technologies, if not corrected, the problem could be used by attackers who want to neutralize modem services and block communications from a specific location, all through a packet sent by radio stations. .

The discovery was made by the application of reverse engineering and the scanning of message handlers of a set of protocols called NAS (Non-Access Stratum). In any case, the research points out that it does not apply to Google’s operating system.

UNISOC acknowledged the vulnerability after receiving the information from CPR in May 2022.

Breach allows attackers to block communications.Source: Shutterstock

What to do to protect yourself?

Slava Makkaveev, security and reverse engineering researcher at Check Point Software Technologies, says that for now, there is nothing Android users can do. “The vulnerability is in the firmware of the modem, not in Android itself,” she adds.

Still, Google reported that will publish a patch patch in the upcoming OS security bulletin – and Makkaveev recommends that system users apply it as soon as released by the search giant.

Keeping operating systems up to date, whatever they are, is of paramount importance due to events such as the one reported.