Unisoc is a China-based chip-making company. The company saw a lot of success due to opportunities from the global chip shortage crisis. Additionally, Unisoc surpassed the Taiwanese cohort MediaTek by taking the latter’s place in more budget phones. Unfortunately, however, some of the company’s old chips pose a threat. As a result, it put many budget phone owners at risk with only minimal prospect of a patch. Most importantly, reports state a vulnerability in the Unisoc chip affecting three Motorola devices.
The Checkpoint Research analysts discovered this vulnerability in the Tiger T700 chip in Moto G20, E30, and E40. The defect occurs when the cellular modem tries to connect to an LTE network. Additionally, the critical flaw is a check omission to ensure that the modem’s connection handler reads a valid IMSI or similar subscriber ID.
Furthermore, a zero-digital field reading in the handler leads to stack overflow. As a result, a denial of service attack or remote code execution occurs, blocking the user from the LTE network. In addition, it is unclear if the same baseband modem with the same firmware is present on other Unisoc AP chips.
Moreover, the Checkpoint Research alerted Unisoc last month about the risk of these Motorola phones being vulnerable to hacking. As a result, the company evaluated the vulnerability and declared it a critical risk with a 9.4/10 rating. In addition, Unisoc patched the issue too.
Google might likely roll out the patch to users with this month’s Android security bulletin. After that, Motorola will have to carry forward the patch distribution. Besides, companies discovering chip-level issues of varying severity is nothing new, and they receive repairs every time. So, there is no cause for worry if a user has a phone with a Unisoc chip as the company is fixing this latest problem. In any case, it is best if users make sure that their device’s manufacturer is on the same page with Unisoc.