CVE-2025-48219

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI E-UTRAN Cell Identity leak. The Cell ID might be usable to...

CVE-2025-48219

O2 UK before 2025-05-19 allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a Cellular-Network-Info SIP header, aka an ECI E-UTRAN Cell Identity leak. The Cell ID might be usable to...

PT-2025-21849 · O2 Uk · O2 Uk

Name of the Vulnerable Software and Affected Versions: O2 UK through 2025-05-17 Description: The issue allows subscribers to determine the Cell ID of other subscribers by initiating an IMS IP Multimedia Subsystem call and then reading the utran-cell-id-3gpp field of a "Cellular-Network-Info" SIP...

CVE-2025-48219

O2 UK prior to 2025-05-19 exposes a vulnerability where an IMS call lets a subscriber read the utran-cell-id-3gpp (ECI) from the Cellular-Network-Info SIP header, potentially enabling crowdsourced cell-location inference. The issue concerns O2 UK VoLTE/IMS behavior and references ETSI TS 124 229 ...