Multiple vulnerabilities in independent 5G networks

Recent reports indicate that security flaws in protocols used by 5G network installations could expose users to various attacks, including identity theft, phishing, among others. The report, prepared by Positive Technologies, mentions that 5G implementations are dependent on the existing 4G LTE structure, and that the transition to an independent infrastructure could take years.

The report also indicates that while dependent 5G networks may be vulnerable to attacks based on Diameter and GTP protocols, it is possible to exploit flaws in independent 5G networks using HTTP/2 and PFCP protocols.

La imagen tiene un atributo ALT vacío; su nombre de archivo es 5gfeat.jpg

The attack would target subscribers and the operator’s network and could originate from the operator’s network, international roaming network, and associated networks that provide access to affected services.

Packet Forwarding Control Protocol (PFCP), which makes subscriber connections, is affected by multiple security flaws that could lead to denial of service (DoS) conditions or traffic redirection. Threat actors could send session deletion request packages to lead to the DoS condition, in addition to using a session modification request to redirect the subscriber to the hackers.

Researchers mention that it is possible to avoid exploiting these flaws; it all depends on operators applying the appropriate settings because the interface is internal. Operators should remember that the HTTP/2 protocol contains multiple failures that would allow attackers to impersonating a network service or even delete profiles.

Attackers could attempt to register new network functions or even cause disruptions if functions exist, or access subscriber data if they end up serving subscribers through the attacker-controlled function. Finally, in case certain operations do not have security restrictions, hackers capable of profiling network functions can delete these profiles, causing denial of service for network subscribers.

Other vulnerabilities also affect independent 5G networks, including flaws related to subscriber authentication, profiling, or creating sessions that are passed by existing subscribers.