Does your phone use Unisoc chip? Research says it may be vulnerable to hacking

The newfound vulnerability was discovered in a Unisoc T700 chipset inside a Motorola Moto G20.

Unisoc, the Chinese semiconductor firm, recently ramped up the production of mobile processors. As a result, leading smartphone companies started using Unisoc processors in their low-end phones. But these processors may not be safe, new research has revealed. Check Point Research has highlighted that Unisoc chips have a critical security vulnerability, which makes phones running them prone to hacking.

Research published by Check Point Research shows the modem firmware in Unisoc 4G and 5G chips has a critical security flaw, which is labelled CVE-2022-20210. The researchers said they discovered the flaw while scanning Non-Access Stratum (NAS) message handlers in the chip’s modem firmware. This vulnerability, researchers said, could be exploited to either make cellular communication capabilities of the chip neutral or defunct entirely.

“An attacker could have used a radio station to send a malformed packet that would reset the modem, depriving the user of the possibility of communication. Left unpatched, cellular communication can be blocked by an attacker,” said Salva Makkaveev, reverse engineering and security research attorney at Check Point Research.

The newfound vulnerability was discovered in a Unisoc T700 chipset inside a Motorola Moto G20. This chipset was updated to the Android January 2022 security patch, the researchers said. But, according to their findings that were disclosed in May, the vulnerability exists on other Unisoc chipsets, thereby making the associated phones vulnerable to hacking.

Check Point Research said it made Unisoc aware of the vulnerability and the company acknowledged it. Unisoc has said that it has issued a patch for the affected chipsets, but it might take some time to reach everyone. Makkaveev added, “There is nothing for Android users to do right now, though we strongly recommend applying a patch that will be released by Google in their upcoming Android Security Bulletin.”

If your phone uses a Unisoc chipset, it is better you look for an update and immediately install it, irrespective of the model.