Chinese SMS can crash Siemens mobiles
Print storyLanguage skills
Posted in Security, 5th February 2002 11:40 GMT
Free whitepaper – Securing your online data transfer with SSL
Siemens is evaluating the impact of a security bug that allows malicious hackers to crash phones by sending a malformed SMS message in Chinese.
The flaw, which affects Siemens 3568i (or below) mobiles but not Siemens 6688 phones, involves a bug in the way exceptional characters are displayed, Chinese researchers xfocus advise.
According to xfocus, a malformed message can shutdown a vulnerable mobile and make it impossible to delete a rogue message without downloading software that does not normally come with the phone. The exploit might be used as a denial of service attack.
xfocus published its discovery exploit last month but the bug was news to Siemens UK operation when we first contacted them about it last week. A spokesman said its product management team was looking into the issue, which is thought at this time to be restricted to Chinese language SMS messages.
In December we reported how a malformed text message could crash older Nokia mobiles. That bug is related to sending SMS messages where the User Data Header is broken and is a separate issue from the Chinese language SMS vulnerability, although the effects are much the same. ®
Related stories
Free whitepaper – Vulnerability management buyer's checklist
The future of SaaS and IT infrastructure management
The mandate for application security
Extended Validation SSL Certificates
Avoiding 7 common mistakes of IT security compliance
The best practices guide for application security
Google cloud told to encrypt itself
Buggy 'smart meters' open door to power-grid botnet
Chinese firm hits back at cyberspy claims
BlockMaster SafeStick hardware-encrypted USB drive