Login Sign Up

CVE-2023-33914

7.5 HIGH
Authentication Bypass

📋 TL;DR

CVE-2023-33914 is a vulnerability in the NIA0 algorithm implementation within Security Mode Command in certain Unisoc chipsets. It allows remote attackers to potentially disclose sensitive information without authentication or additional privileges. This affects devices using vulnerable Unisoc cellular modem chipsets.

💻 Affected Systems

Products:
  • Unisoc cellular modem chipsets with NIA0 algorithm implementation
Versions: Specific affected versions not publicly detailed in advisory
Operating Systems: Android and other mobile OS using affected Unisoc chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Unisoc chipsets when using cellular networks with NIA0 security algorithm.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker could intercept or manipulate cellular network communications, potentially accessing sensitive user data transmitted over cellular networks.

🟠

Likely Case

Information disclosure of cellular network signaling data, potentially revealing device location, IMSI, or other cellular identifiers.

🟢

If Mitigated

Limited impact with proper network segmentation and cellular security controls in place.

🌐 Internet-Facing: HIGH - Cellular networks are inherently internet-facing and devices are exposed to base station communications.
🏢 Internal Only: LOW - This vulnerability primarily affects cellular network interfaces, not internal enterprise networks.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires cellular network access and knowledge of 5G/NR security protocols.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public advisory

Vendor Advisory: https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434

Restart Required: Yes

Instructions:

1. Contact device manufacturer for firmware updates. 2. Apply Unisoc-provided patches for affected chipsets. 3. Update device firmware through manufacturer channels.

🔧 Temporary Workarounds

Disable vulnerable cellular bands

all

Configure devices to avoid using cellular bands that trigger the vulnerable NIA0 algorithm

Network-level filtering

all

Implement network security controls to monitor for suspicious cellular signaling patterns

🧯 If You Can't Patch

  • Isolate affected devices from sensitive networks and applications
  • Implement additional encryption layers for cellular data transmission

🔍 How to Verify

Check if Vulnerable:

Check device specifications for Unisoc chipset usage and consult manufacturer security bulletins

Check Version:

Device-specific commands vary by manufacturer (e.g., Android: Settings > About phone > Baseband version)

Verify Fix Applied:

Verify firmware version against manufacturer's patched versions and test cellular security functions

📡 Detection & Monitoring

Log Indicators:

  • Unusual cellular signaling patterns
  • Security Mode Command failures in modem logs

Network Indicators:

  • Anomalous NIA0 algorithm usage patterns in cellular network monitoring

SIEM Query:

Not applicable - cellular network monitoring requires specialized telecom equipment

📊 Metadata

CVE ID: CVE-2023-33914
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-20
Published: September 4, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-33914, you might also want to check these:

CVE-2022-47190 10.0

CVE-2022-47190 allows remote attackers to upload malicious firmware containing a webshell to Generex...

Same vulnerability type (CWE-20)
CVE-2020-12388 10.0

This vulnerability allows attackers to escape Firefox's content process sandbox on Windows systems, ...

Same vulnerability type (CWE-20)
CVE-2024-3400 10.0

CVE-2024-3400 is a critical command injection vulnerability in Palo Alto Networks PAN-OS GlobalProte...

Same vulnerability type (CWE-20)