Recent research has uncovered vulnerabilities in eSIMs and eUICC chips, primarily related to Java Card technology, which could allow cloning and spying. Although mitigations are underway, these flaws pose serious privacy and security risks, especially for mobile operators and IoT devices. #JavaCard #eSIMVulnerabilities
Keypoints
- Researchers discovered vulnerabilities in eUICC chips that could be exploited for cloning and spying.
- The flaws are linked to previously disclosed Java Card technology vulnerabilities from 2019.
- Attacks require temporary physical access to extract keys, enabling over-the-air malicious app installation.
- Cloning eSIM profiles could allow attackers to intercept calls and messages designated to the original device.
- Mitigation steps are being taken, but security experts caution of ongoing risks and potential backdoors.
Read More: https://www.securityweek.com/esim-hack-allows-for-cloning-spying/