Threat Category: USIM / SIM / UICC security
ID: STA-26
Threat Description: Smartcard operating systems carry a number of hidden commands that can be abused to retrieve data from or modify data within the smartcard. These commands can remain active from an initialization phase or execution of a previous application.
Threat Origin
A Review of Smartcard Security Issues 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
References
H. Ko and R. Caytiles, “A Review of Smartcard Security Issues,” Journal of Security Engineering, 8, no. 3 (2011): 6. https://docplayer.net/23347975-A-review-of-smartcard-security-issues.html [accessed 10/11/21] ↩