Unisoc, a Chinese semiconductor company, that produces processing units and different kinds of chips for smartphones is affected by a critical security vulnerability, and smartphones using UNISOC chips are at risk. These chips are majorly found in the budget smartphones from Motorola, Samsung, Nokia, and many other brands.
Report found a critical security vulnerability in UNISOC chips
A report from Checkpoint Research shows that a new critical security vulnerability has been found in a specific UNISOC chipset in three Motorola devices. The vulnerability can neutralize or block the cellular communication capabilities of the device. According to Slava Makkaveev, Reverse Engineering and Security Research attorney at Check Point Software, “An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker.”
Although there were no reports of this critical security flaw getting exploited this is still a large problem because Unisoc chipsets used in budget smartphones rarely get new software updates. However, last month, the Checkpoint Research already notified Unisoc about the issue and the company evaluated it to be of critical risk with a 9.4 out of 10 ratings and promptly patched the issue. Makkaveev mentioned that users have to wait for the release of a patch by Google in the upcoming Android Security Bulletin he further asked the users of Unisoc chipset to keep their eyes on the release of security patches and it must be installed on time.
List of Motorola phones prone to remote hacking
The issue stems from the Unisoc T700 chip that Motorola has put in three of its smartphones – Moto G20, Moto E30, and the Moto E40 smartphones. According to Checkpoint; “In this study, we looked at the UNISOC baseband as an attack target for the first time. We scanned NAS message handlers within a short period of time and found a vulnerability that can be used to disrupt the device’s radio communication through a malformed packet. A hacker or a military unit can leverage such a vulnerability to neutralizing communications in a specific location.”