119 Critical Flaws Expose LTE and 5G Networks to City-Wide Communication Blackouts

119 Critical Flaws Expose LTE and 5G Networks to City-Wide Communication Blackouts

Security Researchers Uncover Major Vulnerabilities in LTE and 5G Networks

A comprehensive security audit has revealed 119 critical vulnerabilities affecting LTE and 5G network implementations, potentially exposing cellular networks to significant security risks. The research, conducted by teams from the University of Florida and North Carolina State University, identified 97 unique CVE-classified vulnerabilities across multiple cellular network implementations.

The affected systems include seven LTE implementations (Open5GS, Magma, OpenAirInterface, Athonet, SD-Core, NextEPC, srsRAN) and three 5G implementations (Open5GS, Magma, OpenAirInterface). The vulnerabilities were discovered through a specialized fuzzing technique called RANsacked, targeting Radio Access Network (RAN)-Core interfaces.

Key Findings:
– 79 vulnerabilities in MME implementations
– 36 vulnerabilities in AMF implementations
– 4 vulnerabilities in SGW implementations
– 25 vulnerabilities enabling NAS pre-authentication attacks

The security implications are severe, with potential attackers able to:
– Disrupt cellular communications citywide
– Crash critical network components using a single data packet
– Access the cellular core network
– Monitor subscriber location and connection information
– Launch targeted attacks on specific users

The researchers highlight that these vulnerabilities are particularly concerning given the increasing accessibility of cellular network equipment, especially with the introduction of home-use femtocells and 5G gNodeB base stations. This shift from traditionally secured infrastructure to more exposed systems creates new security challenges for cellular networks.

Share This Article