Cybersecurity · · 2 min read

Exploring the Depths of 5Ghoul: A Dive into Cybersecurity Vulnerabilities

Exploring the Depths of 5Ghoul: A Dive into Cybersecurity Vulnerabilities

The dawn of 5G technology has ushered in a new era of connectivity, promising unprecedented speeds and reliability. However, with great power comes great responsibility, and in the case of 5G, a heightened need for robust cybersecurity. Recently, a significant disclosure named "5Ghoul" has emerged, revealing a series of implementation-level vulnerabilities in 5G modems from leading chipset vendors Qualcomm and MediaTek. This article delves into the intricate world of 5G vulnerabilities, dissecting the implications of the 5Ghoul findings.

Unveiling 5Ghoul: A Cybersecurity Pandora's Box

5Ghoul, a term coined from 5G technology and the mythical creature 'Ghoul', metaphorically represents the deceptive nature of these vulnerabilities. These flaws can lead unsuspecting devices to connect to malicious base stations, where they become prey to various attacks. The ASSET Research Group's disclosure highlights the precariousness of our reliance on seemingly secure communication technologies.

The Technical Breakdown

  • Vulnerability Scope: The disclosure identified a total of 14 vulnerabilities affecting commercial off-the-shelf (COTS) edge devices with Qualcomm and MediaTek 5G modems. These vulnerabilities were discovered in a range of products, including smartphones, Customer-premises Equipment (CPE) routers, and USB modems.
  • Severity: At least three of these vulnerabilities are rated as high severity, underscoring the potential risk to users and infrastructure.
  • Affected Devices: Over 710 smartphone models have been found to be vulnerable. This alarming number indicates the widespread impact of these vulnerabilities.

Attack Scenarios

The vulnerabilities allow for various attack scenarios, including the disruption of 5G connections and forcing devices to downgrade from 5G to 4G connectivity. This not only disrupts communication but also exposes devices to additional vulnerabilities inherent in older network technologies.

The Response

Following responsible disclosure practices, MediaTek and Qualcomm have included details of the affected chipsets in their December 2023 security bulletins. Patches are expected to be available for Android-based smartphones in December 2023, while the timeline for Apple-based iPhones remains unaligned.

Implications and Reflections

The 5Ghoul disclosure serves as a stark reminder of the complexities and vulnerabilities inherent in modern communication technologies. It highlights the need for continuous vigilance and proactive security measures to protect against evolving cyber threats.

Challenges in Patching and Security

The process of patching these vulnerabilities is intricate, involving various stakeholders from chipset vendors to smartphone manufacturers. This complexity often results in delays, leaving end-users vulnerable for extended periods.

The Bigger Picture

While the focus is often on smartphones, the reach of these vulnerabilities extends to other 5G-enabled devices and applications, emphasizing the need for a holistic approach to cybersecurity in the 5G era.


The 5Ghoul disclosure is a critical wake-up call for the industry, highlighting the urgent need for robust security measures in the 5G landscape. As we march towards a more connected future, the balance between technological advancement and security must be meticulously maintained to ensure the safety and trust of users worldwide.

Acknowledgments: The research behind the 5Ghoul disclosure was partially supported by the Future Communications Program and the iTrust National Satellite of Excellence. The team extends their gratitude to all who contributed to the research and the coordinated disclosure process.

This comprehensive overview of the 5Ghoul disclosure aims to educate and inform readers about the complexities and risks associated with 5G technology. As we navigate this new era of connectivity, understanding and addressing these vulnerabilities becomes paramount to safeguard our digital ecosystem.

Read next