New Unisoc vulnerability affects the Moto G20, Moto E30, and Moto E40

Check Point Research (CPR), a cyber threat intelligence group has provided information about a vulnerability that it has discovered. The vulnerability was found in phones powered by a Unisoc Tiger T700 SoC. While you might not be familiar with the processor, it powers a number of phones from Motorola including the Motorola Moto G20, Moto E30, and Moto E40.

Prior to its findings, Check Point Research had not found any listings for vulnerabilities with regards to Unisoc products. But checking into the baseband of Unison’s SoC, it was able to find a way to remotely attack devices. The vulnerability would allow an intruder to halt modem services, and even worse, stop all communications on affected phones.

CPR did a quick analysis of the UNISOC baseband to find a way to remotely attack UNISOC devices. We reverse-engineered the implementation of the LTE protocol stack and discovered a vulnerability that could be used to deny modem services and block communications.

Basically, a bad data packet is sent to the Unisoc device and when the modem takes in that data, the modem crashes. When this happens, the attacker can initiate a Denial of Service (DoS) attack or Remote Code Execution (RCE). While devices with the Unisoc Tiger T700 SoC are vulnerable for now, that won’t be the case for much longer.

CPR reported the vulnerability to Unisoc in May of 2022. The company acknowledged the vulnerability, marking the problem as critical. The company has since issued a patch for the vulnerability.

Unisoc previously had issues with its chips in March, when dozens of lower end smartphones were compromised due to Unisoc’s entry level processor, the SC9863A. As mentioned previously, the new vulnerability currently affects phones with the Unisoc Tiger T700 SoC, which can be found in smartphones like the Motorola Moto G20, Moto E30, and Moto E40.