Sign In

Communications of the ACM

ACM News

Researchers Find Critical Vulnerability in Smartphone Chips

View as: Print Mobile App Share:

Said Slava Makkaveev, a security researcher at Check Point, “The vulnerability is in the modem firmware, not in the Android OS itself. There is nothing for Android users to do right now, though we strongly recommend applying the patch that will be r

Credit: Elly Brian

A vulnerability affecting one of the world's largest chipmakers has been discovered by analysts at cybersecurity firm Check Point. 

The critical vulnerability – CVE-2022-20210 – has a CVSS score of 9.4 and affects UNISOC's smartphone chipset. The company – previously known as Spreadtrum – produces budget chipsets that power 2/3/4/5G devices ranging from smartphones to smart TVs. 

Due to the low prices of their chips, the Shanghai-based company has become very popular across Africa and Asia, so much so that by the end of 2021, UNISOC was firmly in fourth place among the largest smartphone chip manufacturers in the world – after MediaTek, Qualcomm and Apple – with 11% of the global market.

Check Point said the vulnerability is in the modem firmware and affects 4G and 5G UNISOC chipsets. UNISOC did not respond to requests for comment, but Check Point said the company acknowledged the vulnerability.

From The Record
View Full Article



No entries found