Ethical Hacking News
Researchers have broken the security of Kigen's eUICC (eSIM) chip, a technology deployed in billions of IoT devices worldwide. The flaws let attackers read data the chip is supposed to protect, including subscriber configurations and authentication keys.
Key points:
Researchers at Security Explorations compromised a security-certified Kigen eUICC card and found that the eSIM profiles and Java Card applets stored on it are not properly isolated from one another.
A vulnerability in the GSMA TS.48 Generic Test Profile (v6.0 and earlier) allowed installation of non-verified applets; TS.48 v7.0 restricts test profile use, and earlier versions are deprecated.
With keys extracted from a compromised eUICC, attackers can download decrypted eSIM profiles from mobile network operators without attacking any further secure hardware.
The result shows the need for stronger isolation inside eSIM hardware and for industry-wide coordination on fixes.
Researchers at Security Explorations have demonstrated critical flaws in Kigen's eSIM technology, which is deployed in billions of IoT devices worldwide. The team compromised the Kigen eUICC card, a security-certified chip that stores and manages eSIM profiles, and extracted data the chip is designed to keep secret.
An eUICC lets a smartphone or IoT device hold multiple mobile carrier profiles and switch between them remotely, which makes it a crucial component of many modern devices. The researchers found, however, that neither the eSIM profiles nor the Java Card applets stored on the Kigen chip are properly isolated or protected from one another. An attacker who exploits these flaws can therefore read subscriber configurations, authentication keys, and the other Java applets on the chip.
The attack demonstrated so far requires physical access to the device and knowledge of internal keys, although the researchers note that an over-the-air vector cannot be ruled out. They argue that the result exposes significant risk in eSIM technology and challenges the security assumptions the industry has built on certified eUICC hardware.
In a statement, Kigen confirmed that a vulnerability in the GSMA TS.48 Generic Test Profile (v6.0 and earlier) allowed installation of non-verified, potentially malicious applets on the eUICC. The issue was addressed in TS.48 v7.0, which restricts how test profiles can be used; earlier versions of the test profile are now deprecated.
The most serious consequence is that, once the authentication keys have been extracted from a single compromised eUICC, attackers can download decrypted eSIM profiles from various mobile network operators (MNOs) without having to break any further secure hardware. These profiles contain sensitive data that can be extracted, analyzed, modified, and reloaded onto other eUICCs without the MNOs detecting it.
The result underscores the importance of strong isolation and key protection inside the security hardware of IoT devices, and the need for industry-wide collaboration to fix vulnerabilities in eSIM technology.
Related Information:
https://www.ethicalhackingnews.com/articles/Global-Security-Breach-The-Kigen-eSIM-Technology-Flaw-ehn.shtml
https://securityaffairs.com/179894/security/experts-uncover-critical-flaws-in-kigen-esim-technology-affecting-billions.html
Published: Mon Jul 14 11:26:01 2025 by llama3.2 3B Q4_K_M