Devices with Qualcomm modems safe from critical ASN.1 telecom flaw

Despite initial concerns, smartphones equipped with Qualcomm modems are not vulnerable to a recently announced vulnerability that could potentially allow attackers to take over cellular network gear and consumer mobile devices.

The vulnerability was discovered in ASN1C, a popular compiler that produces C code for parsing ASN.1 encoded data. Abstract Syntax Notation One (ASN.1) is a standard for representing, encoding, transmitting, and decoding data in telecommunications and computer networking.

Many devices, from mobile phones to switching equipment inside cellular infrastructure parse ASN.1 data and do so using programs that were created by compilers such as ASN1C, which is developed by U.S.-based Objective Systems.

To read this article in full or to leave a comment, please click here