Cybersecurity researchers have uncovered a vulnerability in the Kigen eUICC eSIM technology that could allow attackers to install malicious applets and access sensitive profiles. This flaw, rooted in older GSMA TS.48 test profiles, poses significant risks for mobile devices and IoT systems, especially if exploited by nation-state actors. #Kigen #GSMA_TS48
Keypoints
- The breach affects the security of Kigen eUICC embedded SIM cards used in over two billion IoT devices.
- The vulnerability exists in older versions of the GSMA TS.48 test profile, prior to v7.0.
- Successful exploitation requires physical access and knowledge of publicly available keys.
- An attacker could tamper with or clone mobile profiles, leading to privacy breaches and device compromises.
- The flaw increases risks of covert communications interception and potential manipulation of mobile operator profiles.
Read More: https://thehackernews.com/2025/07/esim-vulnerability-in-kigens-euicc.html