Check Point Research’s cybersecurity experts discovered a vulnerability within LTE modem firmware based upon Chinese UNISOC Chipets. These chipsets can be found in budget smartphones. The theory is that attackers could block a device’s connection to cellular network.
Image source: unisoc.com
The vulnerability was discovered when working with the Motorola Moto G20 smartphone based off the UNISOC T700 chipet. Researchers reverse engineered the modem in order to determine how LTE support was implemented. Researchers discovered that the device could be disconnected from the network by sending an SMS or a radio package.
CVE-2022-20210 was assigned to this vulnerability and a rating 9.4 (“critical”) in May. In May, researchers reported the discovery to UNISOC. A patch was available by the end of the month to fix the bug. Android users with devices based on UNISOC chips need to update to the most recent version.
Factoryless Chinese company UNISOC has been developing chipsets for mobile phones for 21 years, 17 of which it worked under the Spreadtrum Communications brand—the rebranding was carried out in 2018. Counterpoint analysts determined that the company ranks fourth worldwide in mobile platform development behind Qualcomm, Apple, MediaTek.