- IBM "2029년까지 오류 문제 해결한 양자컴퓨터 출시할 것"
- How to remove your personal info from Google Search - it's quick and easy
- Five iOS 26 features that I've been using on my Android phone for years
- Roku just revamped its TV lineup with big upgrades to picture quality and digital artwork
- The headphones I recommend to most audio professionals are cheaper than you think
Critical Vulnerability Found in Motorola’s Unisoc Chips
Cyber-threat intelligence firm Checkpoint Research (CPR) spotted a critical vulnerability in the Unisoc Tiger T700 chips that power the Motorola Moto G20, E30, and E40 smartphones.
The components, which replaced MediaTek’s chips in the aforementioned devices due to global shortages, have been marked as threat vectors due to a stack overflow vulnerability.
More specifically, due to the flaw, the smartphones were seen omitting the check to make sure that the modem’s connection handler was reading a valid IMSI or similar subscriber ID when connecting to an LTE network.
Because of this, the handler read a zero-digit field and created stack overflow conditions that could block the user from using the LTE network and be exploited for a denial of service (DoS) attack or for remote code execution.
Additional information about the vulnerability was released by CPR in a dedicated report, in which the firm said it disclosed the findings to Unisoc in May 2022.
“In this study, CPR did a quick analysis of the Unisoc baseband to find a way to remotely attack Unisoc devices,” the paper reads.
“We reverse-engineered the implementation of the LTE protocol stack and discovered a vulnerability that could be used to deny modem services and block communications.”
The vulnerability was given a critical score of 9.4 out of 10 but was reportedly patched by Unisoc in May 2022. Additionally, CPR said Google confirmed that they would be publishing the patch in the upcoming Android Security bulletin.
While there haven’t been reports of the vulnerability being exploited, the flaw represents a pressing issue, particularly because Unisoc processors are often used in budget smartphones, which do not always receive frequent updates.
The news of the Unisoc vulnerability in Motorola devices comes months after the phone manufacturer was under the spotlight in the US as the country’s government charged a telecommunications company in China with conspiring to steal trade secrets from Motorola.
