2 min Security

Researchers find 36 new vulnerabilities in the LTE protocol

Researchers find 36 new vulnerabilities in the LTE protocol

A group of academics from South Korea has discovered 36 new vulnerabilities in the Long-Term Evolution (LTE) standard used by thousands of mobile networks and hundreds of millions of users worldwide. LTE is a 4G technique.

The vulnerabilities allow attackers to interrupt mobile base stations, block incoming calls to a device, disconnect users from a mobile network, send spoofed text messages, and listen and manipulate user data traffic.

The vulnerabilities were discovered by a research team from the Korea Advanced Institute of Science and Technology Constitution (KAIST), reports ZDNet. The discoveries are not entirely new, as various academic groups have discovered similar vulnerabilities in recent years. These vulnerabilities became the driving force behind the development of 5G.


However, the work differs from previous studies in that it has been discovered in terms of the number of vulnerabilities and the way in which they were discovered. The researchers said that they had found 51 LTE vulnerabilities, 36 of which are new and 15 have already been discovered by other scientists.

The vulnerabilities were discovered by using a technique called ‘fuzzing’. Fuzzing is a method to test code, where a large amount of random data is placed in an application and the output is analyzed for deviations. In this way, developers are given a hint of the presence of possible errors.

Fuzzing has been used for years, but especially with software for desktops and servers. It’s hardly ever used for any other purpose. The researchers at KAIST built a semi-automated testing tool called LTEFuzz. This tool was used to set up rogue connections to a mobile network, and then to analyse the response of the network.


The resulting vulnerabilities were both in the design and implementation of the LTE standard used by different device providers and vendors. The KAIST team claims to have notified both 3GPP – the organisation behind the standard – and GSMA – the organisation representing mobile operators. The sellers of baseband chipsets and network equipment whose hardware was used to perform the tests were also informed.

This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.