
Sni5Gect Attack Framework Exploits 5G Networks without Rogue Base Stations

📰 1 unique source, 1 article

Summary


A new attack framework, Sni5Gect, developed by the ASSET Research Group at the Singapore University of Technology and Design, can downgrade 5G connections to 4G and crash phone modems by sniffing and injecting messages during the initial connection phase. The attack leverages unencrypted messages exchanged between the base station and user equipment, bypassing the need for a rogue base station. The framework was tested on five smartphones, achieving high success rates in sniffing and message injection. The Global System for Mobile Communications Association (GSMA) has acknowledged the vulnerability, assigning it the identifier CVD-2024-0096.

Timeline

  1. 26.08.2025 20:23 📰 1 article · ⏱ 21d ago

    Sni5Gect Attack Framework Exploits 5G Networks without Rogue Base Stations

    A new attack framework, Sni5Gect, developed by the ASSET Research Group at the Singapore University of Technology and Design, can downgrade 5G connections to 4G and crash phone modems. The framework operates by sniffing and injecting messages during the initial connection phase, bypassing the need for a rogue base station. The framework was tested on five smartphones, achieving high success rates in sniffing and message injection. The GSMA has acknowledged the vulnerability, assigning it the identifier CVD-2024-0096.


Similar Happenings

WhatsApp Zero-Day Exploited in Targeted Attacks

WhatsApp patched a zero-day vulnerability (CVE-2025-55177) in its messaging apps for Apple iOS and macOS. The flaw allowed unauthorized users to process content from arbitrary URLs on targeted devices. The issue was exploited in conjunction with a recently disclosed Apple flaw (CVE-2025-43300) in targeted zero-day attacks. WhatsApp notified fewer than 200 users who may have been targeted as part of the spyware campaign. The vulnerability relates to insufficient authorization of linked device synchronization messages. The exploitation involved chaining the WhatsApp flaw with the Apple vulnerability, enabling sophisticated attacks against specific users. CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog and is advising federal agencies to apply mitigations by September 23, 2025.

WhatsApp zero-click vulnerability exploited in targeted attacks

WhatsApp patched a zero-click vulnerability (CVE-2025-55177) in its iOS and macOS clients. The flaw allowed attackers to trigger content processing from arbitrary URLs on targeted devices. The vulnerability was exploited in combination with an OS-level flaw (CVE-2025-43300) on Apple platforms in sophisticated attacks against specific users. The flaw affects WhatsApp for iOS prior to version 2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78. Users were advised to perform a device factory reset and update their operating systems and software. The vulnerability was patched on July 28, 2025, for WhatsApp for iOS and on August 4, 2025, for WhatsApp Business for iOS and WhatsApp for Mac. The attacks targeted fewer than 200 users, including civil society individuals, and are suspected to be part of an advanced spyware campaign.

Apple patches Image I/O zero-day exploited in targeted attacks

Apple has released emergency updates to fix a zero-day vulnerability (CVE-2025-43300) in the Image I/O framework. The flaw, an out-of-bounds write issue, was exploited in "extremely sophisticated" targeted attacks against specific individuals. The vulnerability affects multiple iOS, iPadOS, and macOS versions and devices. Apple has not attributed the discovery to a specific researcher or provided details about the attacks. Attackers can exploit the flaw by supplying malicious input, potentially leading to remote code execution. Affected devices include various iPhone, iPad, and Mac models running specific versions of iOS, iPadOS, and macOS. The flaw was discovered internally by Apple and addressed with improved bounds checking. Users are advised to install the updates promptly to mitigate potential ongoing attacks. CERT-FR has reported at least four instances of Apple threat notifications alerting users about mercenary spyware attacks since the beginning of the year. The attacks target individuals based on their status or function, including journalists, lawyers, activists, politicians, and senior officials. Apple has sent threat notifications to users in over 150 countries since 2021. Apple has backported fixes for the vulnerability to older versions of iOS, iPadOS, and macOS, including iOS 16.7.12, iPadOS 16.7.12, iOS 15.8.5, and iPadOS 15.8.5. The updates also address multiple other security flaws in various Apple products. The flaw was chained with a WhatsApp zero-click vulnerability (CVE-2025-55177) in targeted attacks. The attacks were described as "extremely sophisticated" by Apple and WhatsApp. Samsung also patched a remote code execution vulnerability chained with the CVE-2025-55177 WhatsApp flaw in zero-day attacks targeting its Android devices.