Smartphones Powered by Unisoc SoCs Vulnerable to Hacking, Claims Check Point Research

A new vulnerability exposes Unisoc chipsets to hackers, that can potentially restrict communications from afar.


Several low-cost smartphones are vulnerable to hacking due to a number of flaws in the modems and other chip-related problems that put Android users at risk. Check Point Research, a cyber security research firm, has discovered a vulnerability in the Unisoc modem that might affect communication, according to a recent study.

Users should not be alarmed at this time, since Check Point Research notified the Unisoc teams back last month (May 2022) and informed them of their findings. Unisoc verified the findings and fixed the vulnerability with a critical 9.4 rating. Google has announced that the fix will be released in the next Android Security Bulletin, and hence it is recommended for users to always stay updated. Let’s take a closer look at the vulnerability and everything we know so far.

How Can This Flaw Affect Your Phone?

Check Point Research reverse-engineered the implementation of the LTE protocol stack and uncovered a vulnerability that may be exploited to deny modem services and potentially restrict communications by a threat actor from afar.

The vulnerability was discovered on a Motorola Moto G20 (XT2128-2) with the January 2022 update installed (RTAS31.68.29), though it exists on other phones as well. The Moto G20 is powered by the Unisoc T700 chip.

A corrupted packet can be exploited to interrupt the device’s radio transmission by exploiting this vulnerability. An attacker, or even a military unit, can use this flaw to disable communications on the targeted devices.

There’s nothing Android users can do right now, but keep their phones updated with the latest Android security patches. Note that the patch for this vulnerability has not yet been rolled out, it is said to reach users with the next Android security update.

Notably, this isn’t the first time a vulnerability has been reported against Unisoc chipsets. A malicious app downloaded by the phone’s owner, or an app installed by a handset maker or wireless carrier before the phone reaches the user, could take control of the phone by giving the Unisoc app particular commands, in the past.

Unisoc manufactures chipsets that run on 2/3/4/5G networks and power everything from smartphones to smart TVs. The company’s chipsets are immensely popular in Africa and Asia and can be found on popular smartphones including the Nokia G21, Micromax In 2C and the Narzo 50A Prime. Unisoc was once reported to be the fourth-largest smartphone chip maker in the world, with an 11 percent worldwide market share.