Threat Category: USIM / SIM / UICC security
ID: STA-26
Threat Description: Smartcard operating systems carry a number of hidden commands that can be abused to retrieve data from or modify data within the smartcard. These commands can remain active from an initialization phase or execution of a previous application.
Threat Origin
A Review of Smartcard Security Issues 1
Exploit Examples
Not Applicable
CVE Examples
Not Applicable
Possible Countermeasures
References
H. Ko and R. Caytiles, “A Review of Smartcard Security Issues,” Journal of Security Engineering, 8, no. 3 (2011): 6. https://www.dbpia.co.kr/journal/articleDetail?nodeId=NODE10947607 [accessed 08/13/25] ↩