A new vulnerability discovered that could be exploited by attackers, could allow them to take complete control over mobile phones and key parts of the world’s telecommunications infrastructure and make it possible to eavesdrop or disrupt entire networks. Craig Young, Cybersecurity Researcher for Tripwire commented below.
Craig Young, Cybersecurity Researcher at Tripwire:
“Common components used by many products are very attractive targets for attackers. Code for parsing or decoding data can be particularly risky and should be carefully inspected before use, but unfortunately vendors commonly make the assumption that 3rd party code is secure. In this particular case, the flaw can be exploited by a cellular network operator. While this may sound like a large barrier for an attacker, it is important to understand that a fake base station can be created for a price tag on the order of hundreds of dollars. Some intelligence agencies and even local police stations even have commercial products which could potentially be modified to exploit this attack.”