Home
Description
An issue in Quectel BC25 with firmware version BC25PAR01A06 allows attackers to bypass authentication via a crafted NAS message. NOTE: Quectel disputes this because the issue is in the chipset supply chain and is not localized to one or more Quectel products.
References
github.com/.../master/Quectel_BC25_Subscriber_Auth_Bypass.md