Mobile Threat Catalogue

Downgrade via Circuit Switched Fallback (CSFB)

Contribute

Threat Category: VoLTE

ID: CEL-13

Threat Description: Long Term Evolution (LTE) devices can use CSFB or circuit-switched for voice communication if VOLTE over IMS is not available or not configured in the serving network. Inherent flaws with CSFB can allow an attacker to impersonate a caller and initiate/intercept calls and sms messages.

Threat Origin

Insecurity of Voice Solution VoLTE in LTE Mobile Networks 1

How Voice Call Technology Poses Security Threats in 4G LTE Networks 2

Exploit Examples

Not Applicable

CVE Examples

Not Applicable

Possible Countermeasures

References

  1. C.-Y. Li et al. “Insecurity of Voice Solution VoLTE in LTE Mobile Networks”, In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, 2015, pp. 316-327; http://dx.doi.org/10.1145/2810103.2813618 [accessed 8/23/2016] 

  2. G.-H. Tu et al., “How Voice Call Technology Poses Security Threats in 4G LTE Networks”, in Proceedings of 2015 IEEE Conference on Communications and Network Security (CNS), 2015; https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=7346856 [accessed 8/1/2022]