A group of Singaporean researchers have discovered not one, not two but a total of fourteen security flaws that affect over 700 different 5G smartphones out there. Collectively dubbed ‘5Ghoul’, these security vulnerabilities also affect other devices such as routers and modems too.
Researchers from the Singapore University of Technology and Design were apparently just messing around with 5G modem firmware, when they found these flaws that could be easily exploited over the air simply by impersonating a 5G base station. But perhaps crucially though, the hacker won’t even need details such as SIM card information to exploit 5Ghoul, merely needing to impersonate the cell tower with known connection parameters.
Of the fourteen vulnerabilities discovered, they have so far publicly disclosed ten of them, withholding a further four due to security reasons. They mostly affect 5G modems from Qualcomm and MediaTek, which covers nearly all 5G Android smartphones and Apple smartphones. These vulnerabilities cause issues such as forcing your 5G modem to freeze, hang, crash or reboot, as well as sometimes force your connection to downgrade to 4G instead.
“In this vulnerability disclosure report, we discuss details of 5Ghoul – a family of implementation-level 5G vulnerabilities. Such a family of vulnerabilities are present in the firmware implementation of 5G mobile network modems from major chipset vendors i.e., Qualcomm and MediaTek.
Consequently, many 5G-capable commercial products such as smartphones, Customer-premises Equipment (CPE) routers and USB modems are potentially impacted due to the employment of vulnerable 5G modems in such products,”- Matheus E. Garbelini; Zewen Shang; Shijie Luo; Sudipta Chattopadhyay; Sumei Sun; Ernest Kurniawan
In total, the researchers found 714 5G smartphones that are affected by 5Ghoul, with the likes of Xiaomi, Vivo, Samsung, Oppo and Apple all affected by it. Perhaps even more worrying though is that there could be even more affected models, as the firmware code used in these modems may have been shared across other modem models too.
At the moment, Qualcomm and MediaTek have acknowledged the issue, having published security bulletins for the 5Ghoul vulnerabilities. However, it will also depend on the manufacturers themselves to issue out patches to your device, meaning 5Ghoul remains a potential problem especially if you’re using an Android smartphone that’s no longer receiving security updates. The researchers also note that even if your phone is currently getting updates, by the time the patch goes public your phone may have already reached end-of-support due to the complexity of the issue.
For more details about 5Ghoul, you can read the researchers’ report here.