Researchers safety found 36 new vulnerabilities in the Protocol 4G LTE

Исследователи по безопасности нашли 36 новых уязвимостей в протоколе 4G LTE

A study published by the South Korean security experts says 36 new dangerous vulnerabilities of the Protocol, 4G. It should be noted that each new standard has fewer problems and incompatibilities. Communication 5G promises to be more reliable when using 4G (LTE), which, however, does not exclude the probability of detection in the future vulnerabilities in the networks of the fifth generation.

Specialists of the Institute Korea Advanced Institute of Science and Technology (KAIST) used to find vulnerabilities in the Protocol (network) LTE the same method that is used to search for problem solutions in software for PCs and servers. This so-called method fazzinga when the system is attacked (loaded) sequence is incorrect, unexpected, or random data. After exercise, we study the system response and construction of scenarios for the protection and deepening of attack.

Experts KAIST developed to check the security of the Protocol LTE and vulnerability scanning tool LTEFuzz, but promise not to spread it in open access, and to transmit only equipment manufacturers and network operators.

Using LTEFuzz was discovered more than 50 vulnerabilities, 36 of which were completely new. Method allowed to find 15 already known vulnerabilities, which confirmed the correctness of the chosen technology. The testing was carried out in networks of two unnamed operators, and in cooperation with them, so normal users will not be affected.

For example, managed to listen to the subscribers, to read the data in the exchange base stations with devices, send fake SMS, block incoming calls, disable subscribers from the network, to control traffic and do many other things. All the vulnerabilities found, including the “hole” in the equipment of base stations of mobile communication, experts KAIST has notified vendors and organizations 3GPP and GSMA.

Share