UNISOC mobile chip vulnerability detailed

Mobile devices using UNISOC's 4G and 5G chipsets are affected by a critical security vulnerability, tracked as CVE-2022-20210, which has since been addressed by UNISOC, reports TechRepublic. Check Point Research discovered the flaw within the UNISOC modem firmware and could be exploited to interrupt devices' radio communications in a particular location. "An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be released by Google in their upcoming Android Security Bulletin," said Check Point Software security researcher Slava Makkaveev. UNISOC also noted the vulnerability of smartphone modems to attacks owing to its accessibility. "The UNISOC chip contains a set of specialized processors to isolate the special features of the device, as well as reduce the load on the main processor that runs Android. Thus, the radio modem is represented on the chip by a separate processor and operating system," said UNISOC.