New 5Ghoul Attack Impacts 5G Devices From Popular Brands

Cybersecurity researchers from the following organizations recently discovered the new 5Ghoul attack, which impacts 5G devices from popular brands:
5Ghoul exposes 5G vulnerabilities in Qualcomm and MediaTek modems, impacting smartphones, routers, and USB modems.
Twelve new vulnerabilities were discovered, with 10 affecting these major modems and three being highly severe.
The 5Ghoul threat model mimics a Dolev-Yao attacker: the adversary has a controllable downlink channel and can inject or modify 5G NR downlink packets without knowing the target UE's secret information.
The adversarial gNB manipulates downlink messages, which enables attacks at any 5G NR step, although later procedures fail because the SIM card details are unknown to the attacker.
By deploying a malicious gNB using Software Defined Radio within the target 5G UE's radio range, the 5Ghoul vulnerabilities can be exploited easily over the air.
Although the USRP B210 in the researchers' setup is visually detectable, miniaturized SDR equipment, like a Raspberry Pi, allows for stealthy and sophisticated attacks.
V5/V6 trigger temporary DoS on ARP5s, requiring continuous attacks for complete disruption.
V7 downgrades to 4G, forcing manual reboot for 5G restoration; persistent impact observed.
V8-V14 caused crashes on OnePlus with MediaTek Dimensity 900 5G Modem, necessitating modem reboots for 5G recovery.
Continuous attacks disrupt 3G/4G/5G communications on OnePlus, echoing V5/V6 behavior.
Exploitation on Specialized 5G Products: Vulnerabilities V5-V14 impact 5G devices with Qualcomm and MediaTek modems, affecting smartphones, USB modems, and low-latency communication appliances.
Downgrade Attacks: The vulnerability V7 acts as a downgrade attack, blocking 5G connections while allowing access to older technologies like 4G. This exposes users to different design issues inherent to various network technologies.
Estimating the reach of 5Ghoul: To gauge 5Ghoul's impact on 5G smartphones, we use web scraping to find models with vulnerable Qualcomm and MediaTek modems.
Mobile processors like Snapdragon 8XX or Dimensity XXXX integrate CPU, 5G modem, GPU, and peripherals, simplifying chipset identification.
The Challenge of Delivering 5G Patches to the End-user: Ensuring a secure modem SDK prevents prolonged vulnerabilities.
Issues in 5G modem implementation impact downstream vendors, causing delays in security updates due to software dependencies.
Listed below are all the vulnerabilities that were described:
The potential of 5G is vast, but deeper research is crucial for uncovering vulnerabilities in its software.
The complex, multi-layered nature of 5G networks poses challenges, as seen in the discovery of 5Ghoul vulnerabilities in major chipset vendors despite their comprehensive testing resources.


This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 11 Dec 2023 14:05:23 +0000

