No worries. We'll just patch it. oh. Wait a sec....
Don't all operators sell re-badged routers and 3G/4G modems from Huawei, ZTE, Gemtek, and Quanta?
I'm sure there must be an easy way to patch these.
Oh. Wait a sec...
Now I'm sad.
0day remote code exec holes in mobile modems can read SMS and HTTP
Russian security tester Timur Yunusov has found critical vulnerabilities in routers and 3G and 4G modems from Huawei, ZTE, Gemtek, and Quanta. The flaws mean attackers could completely compromise machines and intercept SMS and HTTP traffic. The research first detailed in December and showcased to hackers yesterday at the …
-
Saturday 12th March 2016 06:35 GMT Christian Berger
Well that's just a scratch on the surface...
... those modems are also connected via radio to mobile phone networks. Those are _extremely_ complex protocols implemented by very few companies with no security audits at all. So it's very likely that your modem can be compromised with a fake base station.
Such an exploit would be highly valuable as you can make it exploit a large chunk of the market, as those chipsets all run more or less the same code, probably even the same binary code. While on PCs you are still limited by what you can do via USB, on smart phones you have direct access to the RAM of your "Application Processor".
