Summary: Researchers from the Florida Institute for Cybersecurity Research and North Carolina State University have discovered 119 vulnerabilities in open source and commercial LTE and 5G implementations, which could enable persistent denial-of-service (DoS) attacks on cellular networks. These vulnerabilities can be exploited by unauthenticated devices and may disrupt cellular communications city-wide. The detailed findings, including a fuzzing framework used for detection, are documented in their research paper titled “RANsacked.”
Affected: LTE and 5G network implementations (Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, srsRAN)
Keypoints :
- 119 vulnerabilities were identified during the scrutiny of seven LTE and three 5G implementations.
- 93 of these flaws received CVE identifiers, indicating their significance and the need for remediation.
- Attacks can be executed by sending small packets, which can be done by unauthenticated devices, potentially disrupting entire metropolitan connectivity.
- The researchers reported issues to the maintainers of affected systems but received no responses from NextEPC and SD-Core.
- The proliferation of smaller 5G base stations makes them more vulnerable to physical compromise and attacks targeting IPsec keys.