Full Chain Baseband Exploits, Part 1 | allinfosecnews.com

Dec. 7, 2023, midnight |

Taszk Labs on taszk.io labs labs.taszk.io

In our previous blog post, we have introduced our latest research into full chain baseband exploits. In this work, we have showcased new research tools we have developed (our nanoMIPS decompiler, debugger, and emulator for Mediatek basebands) and explored the interconnected components across the Cellular Processor and the Application Processor of Samsung and Mediatek radio interface stacks.
The most serious of such issues can lead to over-the-air exploitation of the device’s Android OS: zero-click remote code execution not only in …

application baseband blog blog post cellular components debugger decompiler emulator exploits latest mediatek processor research samsung tools work

More from labs.taszk.io / Taszk Labs on taszk.io labs

Full Chain Baseband Exploits, Part 3 5 months, 3 weeks ago | labs.taszk.io

arbitrary code baseband code code execution +14

Full Chain Baseband Exploits, Part 2 5 months, 3 weeks ago | labs.taszk.io

baseband buffer buffer overflow concrete +13

Full Chain Baseband Exploits, Part 1 5 months, 3 weeks ago | labs.taszk.io

application baseband blog blog post +13

CVE-2023-30646: Samsung RIL Heap Buffer Overflow 6 months ago | labs.taszk.io

advisory android arbitrary code baseband +19

CVE-2022-21744: Mediatek Baseband GPRS PNCD Heap Buffer Overflow 6 months ago | labs.taszk.io

advisory arbitrary code baseband buffer +16

CVE-2023-21517: Samsung Baseband LTE ESM TFT Heap Buffer Overflow 6 months ago | labs.taszk.io

advisory arbitrary code baseband buffer +18

CVE-2022-21769: Mediatek CCCI Kernel Driver OOB Read 6 months ago | labs.taszk.io

application baseband cellular communication +23

CVE-2022-21765: Mediatek CCCI Kernel Driver OOB Write 6 months ago | labs.taszk.io

advisory application arbitrary code baseband +20

CVE-2022-21766: Mediatek CCCI Kernel Driver Stack Buffer Overflow 6 months ago | labs.taszk.io

advisory application arbitrary code baseband +24

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com