Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core AP5GC. The first vulnerability CVE-2024-20685 allows a crafted signaling message to crash the control plane, leading to potential service outages. The second ZDI-CAN-23960 disconnects and replaces attached bas...

SIM Hijacking

SIM hijacking -- or SIM swapping -- is an attack where a fraudster contacts your cell phone provider and convinces them to switch your account to a phone that they control. Since your smartphone often serves as a security measure or backup verification system, this allows the fraudster to take ov...

Platform Load Sharing Facility 4/5/6 - 'EAuth' Local Privilege Escalation

source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedures within Load Sharing Facility. An issue has been reported where an...

Platform Load Sharing Facility 456 - EAuth Local Privilege Escalation

Platform Load Sharing Facility 456 - EAuth Local Privilege Escalation source: https://www.securityfocus.com/bid/9724/info Load Sharing Facility eauth component has been reported prone to privilege escalation vulnerability. The eauth component is responsible for controlling authentication procedur...