Zimperium Safety gaps in mobile phone antennas

Three critical gaps in BTS stations allow hackers to compromise mobile phone antennas, according to Zimperium researchers.

"BTS" comes from the initials of the Base Transceiver Station and is the technical term used to describe the mobile antennas we see every day in our cities.Zimperium Base Transceiver Station

BTS stations are the backbone of every mobile network around the world and are used to relay calls, SMS messages and data packets from us to the data centers of the mobile telephone companies, which in turn transmit the calls, SMS messages and data packets to their destination.

Mobile security firm Zimperium, (which discovered the Stagefright bug), says there are three critical ones them to various software packages running on BTS stations.

Currently there seem to be three issues which mobile phone companies and BTS software should be addressed directly with their equipment.

The first is a bug in one BTS core software that exposes the device to external connections, allowing an attacker to reach the BTS transceiver via the Internet.

Attackers can send UDP packets to certain ports (5700, 5701, 5701) και να εκμεταλλευτούν τις ενσωματωμένες της συσκευής. Αυτό επιτρέπει στον εισβολέα να αποκτήσει τηλεχειρισμό του σταθμού BTS, να τροποποιήσει την κυκλοφορία GSM, να συλλέγει from passing data, crashing the BTS station, and more.

In this case, the Zimperium recommends companies shut down the ports used to control and exchange data using only the local interface (127.0.0.1), or to deploy a firewall to block external traffic.

The second issue is a memory overflow caused by oversized UDP packets. It is a classic flaw that allows remote code ( code execution flaw or RCE) that allows an attacker to execute malicious code on the device. This bug is only as dangerous as the attacker's abilities.

The third error is related to the first. If the attacker can send custom UDB στο σταθμό BTS, επειδή το κανάλι does not have any authentication, and can execute commands on of the BTS station transceiver. The transceiver is the main component in the BTS station platform that sends and receives data.

This particular defect, according to Zimperium, allows an attacker to control the transceiver unit remotely, without having to have administrator passwords.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).