CVE-2023-52341 – This vulnerability in Unisoc chipsets allows re... (How to Fix)

Q: What is the severity of CVE-2023-52341?

CVE-2023-52341 has a CVSS score of 7.5 (HIGH). This vulnerability in Unisoc chipsets allows remote attackers to intercept sensitive information before security activation during cellular network connections. It affects devices using vulnerable Unisoc modem firmware, potentially exposing user data during initial network handshake procedures.

📋 TL;DR

This vulnerability in Unisoc chipsets allows remote attackers to intercept sensitive information before security activation during cellular network connections. It affects devices using vulnerable Unisoc modem firmware, potentially exposing user data during initial network handshake procedures.

💻 Affected Systems

Products:

Unisoc modem chipsets/firmware

Versions: Specific versions not detailed in public advisory

Operating Systems: Android and other mobile OS using Unisoc chipsets

Default Config Vulnerable: ⚠️ Yes

Notes: Affects devices during cellular network connection establishment before AS security activation.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote interception of sensitive cellular communication data including location information, device identifiers, and potentially user data before encryption is established.

🟠

Likely Case

Information disclosure of device metadata and network parameters during initial connection setup, potentially enabling tracking or profiling.

🟢

If Mitigated

Limited exposure if devices are patched or use alternative security mechanisms during initial handshake.

🌐 Internet-Facing: HIGH - Cellular network interfaces are inherently internet-facing and the vulnerability requires no authentication.

🏢 Internal Only: LOW - This primarily affects cellular network interfaces which are external-facing by design.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: MEDIUM

Exploitation requires proximity to target device and cellular network interception capabilities.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public advisory

Vendor Advisory: https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313

Restart Required: Yes

Instructions:

1. Contact device manufacturer for firmware updates 2. Apply Unisoc-provided patches 3. Reboot device after update

🔧 Temporary Workarounds

Disable vulnerable cellular bands

android

Temporarily disable affected cellular network bands if supported by device

🧯 If You Can't Patch

Use Wi-Fi calling instead of cellular when possible
Deploy network-level encryption solutions

🔍 How to Verify

Check if Vulnerable:

Check device specifications for Unisoc chipset and contact manufacturer for vulnerability status

Check Version:

Android: Settings > About Phone > Baseband version

Verify Fix Applied:

Verify firmware version against manufacturer's patched version list

📡 Detection & Monitoring

Log Indicators:

Unusual cellular handshake failures
Multiple COUNTER CHECK messages

Network Indicators:

Intercepted plaintext COUNTER CHECK messages before security activation

SIEM Query:

Not applicable - primarily requires cellular network monitoring

📊 Metadata

CVE ID: CVE-2023-52341

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

Published: April 8, 2024

Last Updated: May 6, 2025

🔗 References

https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313 Vendor Advisory
https://www.unisoc.com/en_us/secy/announcementDetail/1777143682512781313 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52341, you might also want to check these: