P1 Security Newsletter: the largest vulnerability knowledge base available on LTE, Diameter, IMS, SS7 and SIGTRAN

P1 VKB now counts more than 400 vulnerabilities

This month, our Vulnerability Research Team has worked around the clock to find new and unpatched security vulnerabilities in SS7, SIGTRAN, IMS and LTE networks.

With more than 60 new vulnerabilities discovered, we have increased the size of our Vulnerability Knowledge Base (VKB) with many 0 day vulnerabilities including:

– STP and MSC Denial of Service on Ericsson products,
– HLR protocol/design flaws affecting Huawei, Ericsson and Alcatel-Lucent network equipment,
– OAM security failures related to ZTE, Huawei and Nokia Siemens Networks

Currently, 15% of the vulnerabilities in our VKB are found in HLR products. It is alarming to discover so many vulnerabilities in such a critical element of Telecom Networks.

Because information about new vulnerabilities is vital to keeping a network secure, P1 Security has now released an online registration for our Vulnerability Knowledge Base (VKB). P1 Vulnerability Knowledge Base provides you with a constant feed of new vulnerabilities found by P1 Security own Vulnerability Research Team. Get an access to the VKB now and discover an overview of the vulnerabilities by equipment and vendors, as well as recommendations for remediation.

Try it now
To learn more about P1 Security VKB have a look at the VKB product page.

P1 Telecom Auditor Remote Proof of Concept Now Available On Demand!

Does signalling increase in your network come from vulnerabilities and misuse? What is your telecom exposure and attack surface? Does your MSC, HLR, STP or Diameter Routing Agent expose too much including potential vulnerable subsystems and services?

P1 gives you the opportunity to proactively discover, assess and respond to vulnerabilities issues and not to become a victim of it.

You can now start remote PoC scan of PTA on your own infrastructure. Benefit from P1 Security own interconnection for scanning your Signaling infrastructure and Core Network.

Contact us here to get started.

Security Research by P1 Labs

Are you sure that your access network – Femto cell – your eNode B – ISP box – received the full set of vulnerability testing? Are you sure that your Mobile Device is protected enough against hardware vulnerabilities?

Protecting your Core Network is mandatory, but if you do not challenge your Radio Access Network it is still an open window to the heart of your business!

P1 Labs, our Security Research Lab, already succeeded to hack most of market Femto cells, so if you want to have an overview of your product robustness and reliability do not hesitate to contact us. We go deeper than other testing and auditing companies. Thanks to our own P1 Telecom Fuzzer and our support of deep telecom protocols, we find bugs deeper into the protocol stacks: find vulnerabilities in LTE S1, X2, SS7 MAP and INAP instead of testing only the IP surface.

P1 Security Newsletter keeps you informed about product updates, upcoming events and new and rising telecom security risks that Mobile Network Operators are facing, most often unknowingly.

Register here for the P1 Security newsletter!

About the Author