5G networks are becoming the backbone of modern telecommunications, supporting IoT, mobile connectivity, and emergency services. Behind the shiny interfaces and faster speeds lie complex, multi-layered and multi-vendors infrastructures that are ripe for security challenges.
In this presentation, we embark on a journey through our real-world security audits of large-scale 5G infrastructures. We’ll share stories of how we navigated the vast attack surface, covering everything from the radio access network to the core network, and identified vulnerabilities that could be exploited by sophisticated threat actors.
You’ll learn about our approach, combining traditional pentesting techniques with vulnerability research and instinct-driven exploration. We’ll highlight some of the most interesting findings: authentication bypass, RCE, control flow abuse, etc.
We’ll share tales from the field: hardware adventures, unexpected mishaps, and lessons learned. These stories underscore the importance of continuous security assessment in the evolving landscape of 5G, where even simple misconfigurations can lead to significant risks.
Join us for an inside look into the unspoken vulnerabilities of the 5G world.
