Profile
A recently uncovered eSI...
eSIM Security Flaw Could Impact Billions of Devices
July 15, 2025 -
2 minutes, 36 seconds
eSIM Security Flaw Could Put Billions of Devices at Risk
A recently uncovered eSIM security flaw has sparked major concerns among users and cybersecurity professionals. The vulnerability affects over two billion eSIM-enabled devices worldwide—ranging from smartphones to wearables and smart home gadgets. If exploited, the bug could allow attackers with physical access to install malicious programs, extract sensitive data, or even manipulate device behavior. The good news? A patch is already available, and upgrading is strongly advised to avoid potential risks.
What Caused the eSIM Security Flaw?
The flaw was discovered in a test version of the eSIM profile known as the GSMA TS.48 Generic Test Profile (versions 6.0 and earlier). This specific profile is used during device certification and testing, especially in products using embedded SIMs (eUICCs). According to Security Explorations, the lab behind the discovery, the bug made it possible for threat actors to install applets—small programs—without authentication. That means even basic physical access to a device could have led to serious compromises.
Which Devices Are Affected by the eSIM Vulnerability?
Any gadget using eSIMs based on Kigen’s eUICC technology could be affected. That includes popular smartphones, tablets, IoT devices, smartwatches, and more. With over two billion of these devices globally, the scale of the potential risk is significant. Devices not updated to the latest version of the test profile are especially vulnerable, making timely upgrades essential for security.
Patch Released: How to Stay Protected from the eSIM Bug
Thankfully, Kigen has acted quickly, issuing a fix in the GSMA TS.48 v7.0 specification. This version eliminates the vulnerability, and Kigen has already rolled out updates to its customers. Users are encouraged to check with their device manufacturers or network providers to ensure their devices are running the latest software. Staying updated is the best defense against this kind of emerging mobile security threat.
Related Posts
Photos
Contact Information
Suggested Writers
-
2.4K articles
-
1.3K articles
-
34 articles
-
28 articles








Comment