Recent research revealed critical security flaws in Kigenβs eUICC embedded SIMs, allowing hackers to extract private keys and clone profiles, which threatens global device security. The vulnerabilities stem from Java Card bytecode issues, highlighting the urgent need for industry-wide improvements in SIM hardware protections. #Kigen #eUICC #JavaCardVulnerabilities
Keypoints
- Security Explorations identified significant vulnerabilities in Kigenβs embedded SIM technology.
- The hackers successfully extracted the private ECC key, enabling profile cloning and identity impersonation.
- The exploit exploited longstanding Java Card bytecode flaws originating from 2019.
- Kigen responded with patches, but industry-wide risks remain due to ongoing security gaps.
- The research toolkit facilitates deeper memory and VM integrity testing, exposing broader vulnerabilities across devices.
Read More: https://thecyberexpress.com/breaking-euicc-security/