AI Uncovers Hidden Security Flaws in Over 540 5G Smartphone Models Worldwide

A groundbreaking artificial intelligence study led by the University at Buffalo has exposed critical security vulnerabilities in more than 542 5G smartphone models across every major manufacturer, raising urgent questions about the safety of the global mobile ecosystem that billions of people rely on daily.

Main Facts and Key Details

The research team, led by Professor Hongxin Hu of UB's Department of Computer Science and Engineering, developed an AI-driven testing framework called CONSET (Constraint-Guided Semantic Testing) that identified seven previously unknown vulnerabilities in commercial 5G smartphones, including three classified as high severity. The confirmed flaws affect 64 modem chipsets used in 542 smartphone models worldwide. The vulnerabilities sit in a brief window during initial network connection, before a phone verifies a cell tower's authenticity. Because the phone has not yet authenticated the network at that point, attackers using inexpensive radio equipment can set up fake cell towers and crash nearby devices, cutting off calls, data, and even emergency communications.

Reactions and Context

MediaTek assigned three high-severity Common Vulnerabilities and Exposures (CVEs) and released patches. Qualcomm confirmed several findings, with additional issues still under review. The researchers received $16,000 in combined bug bounty awards for their responsible disclosure. The team also tested CONSET on an open-source 5G platform, identifying 29 distinct crash points, four of which have already been resolved. More recently, the team discovered additional baseband system vulnerabilities affecting Apple and Google devices and is working with both companies to address them. The study, titled "Semantics Over Syntax: Uncovering Pre-Authentication 5G Baseband Vulnerabilities," was accepted to the 35th USENIX Security Symposium, one of the world's leading cybersecurity conferences, to be held in Baltimore this summer. The Global System for Mobile Communications Association formally acknowledged the team's contributions to strengthening global mobile security.

Challenges and Outlook

The discovery highlights a fundamental tension in 5G deployment: the standard, developed by the 3rd Generation Partnership Project (3GPP), spans thousands of pages of technical specifications, and subtle logic errors in the gap between what the standard requires and how device manufacturers implement it can create dangerous security gaps. Traditional testing methods, which essentially send garbled messages to try to crash devices, fail to catch these nuanced flaws. CONSET uses a large language model to interpret 3GPP standards, extract requirements, and generate targeted test cases that reveal hidden vulnerabilities. As 5G becomes the backbone of critical infrastructure, from healthcare to transportation, experts say AI-driven security testing will become essential to staying ahead of increasingly sophisticated attackers.

The research team emphasized that because they followed responsible disclosure practices, manufacturers were able to patch the vulnerabilities before they could be exploited at scale. However, with global 5G subscriptions expected to exceed 3 billion by 2027, the findings serve as a stark reminder that the security of next-generation networks remains a work in progress.