Researchers have identified 119 security vulnerabilities across various LTE and 5G implementations, which could be exploited to disrupt cellular services and access the core network. The vulnerabilities were uncovered in a study named "RANsacked," which revealed that attackers could bring down essential network functions with minimal effort, such as sending small data packets without needing authentication. These vulnerabilities, often stemming from buffer overflows, reveal significant risks to the cellular infrastructure, potentially exposing sensitive subscriber data and enabling targeted attacks.
Every one of the >100 vulnerabilities can be used to disrupt all cellular communications, impacting services like phone calls and data at a city-wide level.
An attacker can crash the Mobility Management Entity in an LTE/5G network by sending a small data packet as an unauthenticated user without a SIM card.
Collection
[
|
...
]