Newly discovered vulnerability on 5G Network allows hackers to track user locations and data

December 22, 2020

The latest mobile network technology, 5G, is gradually being rolled out in major cities around the world. Alongside the infrastructure deployments, analysis of the network architecture has revealed potential security weaknesses that, when exploited by hackers and threat actors, can enable cyber-attacks such as a denial of service that overloads a subscriber's network traffic and obstructs the flow of data. These findings come from security research by Positive Technologies, a London-based telecom cybersecurity firm.


Current security features of 5G

The 5G network technology offers several key security features. One is protection from stingray surveillance and encryption of IMSI (International Mobile Subscriber Identity) numbers. IMSIs are unique identifiers embedded in and assigned to every retailed SIM card to identify users belonging to a particular cellular network.

The 5G Core (5GC) also updates the IT protocol stack, using TCP (Transmission Control Protocol) as the transport layer in place of SCTP (Stream Control Transmission Protocol), and HTTP/2 in place of the Diameter protocol at the application layer. On top of this sits an added TLS layer that encrypts communications among all network functions.

The 5G mobile network framework consists of nine network functions that are responsible for subscriber registration, session management, subscription profiles, subscription data storage, and connectivity of users and user equipment to the internet via a base station.

Even with all the current security features of 5G networks, the researchers pointed out that this same stack of technologies potentially opens the door to cyber-attacks on subscribers and on the cellular operator's network, which could be exploited to stage denial-of-service and man-in-the-middle attacks.


Denial of Service, Man in the Middle Attacks and User Location leak

The problematic side of the 5G System Architecture lies in the interface dedicated to session management, which uses PFCP (Packet Forwarding Control Protocol). A threat actor can send a PFCP session modification request packet that causes a DoS condition, leading to disruption of the internet service or even interception of leaked web traffic.
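A defensive check for the PFCP issue described above, as an added example that is not from the original article or from Positive Technologies: it decodes the PFCP header (layout and message type numbers per 3GPP TS 29.244) and flags session requests that arrive from a peer outside an allow-list. The allow-list, the IP addresses and the sample packet are constructed assumptions.

```python
import struct
from typing import Optional

# Session-related PFCP request types (3GPP TS 29.244)
SESSION_REQUESTS = {50: "Session Establishment Request",
                    52: "Session Modification Request",
                    54: "Session Deletion Request"}

# Constructed sample: header-only Session Modification Request, SEID 0x1122, seq 7
SAMPLE = bytes.fromhex("2134000c" "0000000000001122" "000007" "00")

def parse_pfcp_header(payload: bytes) -> dict:
    """Decode the PFCP header carried in a UDP payload (PFCP uses port 8805)."""
    if len(payload) < 8:
        raise ValueError("truncated PFCP header")
    flags, msg_type, length = struct.unpack_from("!BBH", payload, 0)
    version, has_seid = flags >> 5, bool(flags & 0x01)
    if version != 1:
        raise ValueError(f"unsupported PFCP version {version}")
    offset, seid = 4, None
    if has_seid:                      # S flag set: an 8-byte SEID follows the length
        if len(payload) < 16:
            raise ValueError("truncated PFCP session header")
        (seid,) = struct.unpack_from("!Q", payload, offset)
        offset += 8
    seq = int.from_bytes(payload[offset:offset + 3], "big")
    return {"type": msg_type, "length": length, "seid": seid, "seq": seq}

def review_packet(src_ip: str, payload: bytes, allowed_peers: set) -> Optional[str]:
    """Return an alert for session requests from peers outside the allow-list."""
    try:
        hdr = parse_pfcp_header(payload)
    except ValueError as exc:
        return f"malformed PFCP from {src_ip}: {exc}"
    name = SESSION_REQUESTS.get(hdr["type"])
    if name is None:
        return None                   # not a session request (heartbeat, response, ...)
    if hdr["seid"] is None:
        return f"malformed PFCP from {src_ip}: {name} without SEID"
    if src_ip not in allowed_peers:
        return (f"{name} (SEID {hdr['seid']:#x}, seq {hdr['seq']}) "
                f"from unlisted peer {src_ip}")
    return None

if __name__ == "__main__":
    expected_peers = {"10.0.0.5"}     # assumed address of the legitimate control-plane peer
    for src in ("10.0.0.5", "192.0.2.66"):
        print(src, "->", review_packet(src, SAMPLE, expected_peers))
```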

Another issue was found in the part of the 5G standard that governs the NRF (Network Repository Function), which allows registration and discovery of network functions in the control plane. Threat actors can add to the repository a network function that already exists there but is under their control, and use it to access user information.

Also noteworthy is a pair of subscriber authentication flaws that can be used to disclose the SUPI (Subscription Permanent Identifier) allocated to each subscriber and to leak authentication information via base station spoofing.


The latest 5G networks need continuous surveillance, analysis, and protection to keep subscribers and users secure. Without a doubt, the current security features offered by the latest mobile network technology are adequate, but the 5G standard must be scrutinized as more users register on the network each year.
