Basebanheimer: Now I Am Become Death, The Destroyer Of Chains

Talks about baseband vulnerabilities are certainly in fashion these days. However, most publications so far omit the step of escaping the baseband runtime. With the novelty of baseband-only vulns wearing off, we decided to look at some popular targets (Samsung and MediaTek smartphones) with full chain exploitation in mind.
Over the last year, our research has resulted in a dozen+ CVEs, including both remote code execution vulnerabilities and baseband-to-Android pivot vulnerabilities. I will be presenting the details of our work …

baseband death exploitation fashion mediatek popular publications runtime samsung smartphones talks vulnerabilities vulns