Media Coverage

Reported Vulnerabilities, Acknowledgements, and Bug Bounties

VWAttacker: A Systematic Security Testing Framework for Voice over WiFi Implementations

TIMESAFE: Timing Interruption Monitoring and Security Assessment for Fronthaul Environments.

BLEDiff: Scalable and Property-Agnostic Noncompliance Checking for BLE Implementations, (IEEE S&P), 2023

Google/Android Security bug bounty reward of $10,000 USD,
- CVE-2024-34722
Huawei Security bug bounty and acknowledgments:
- HWPSIRT-2022-56262
- HWPSIRT-2022-13244
- HWPSIRT-2022-96208
Security advisory from STMicroelectronics (TN1436-ST-PSIRT)
High and medium-severity CVE’s assigned to some of the implementation issues we found in different BLE implementations:
- CVE-2022-40480
- CVE-2022-41768
- CVE-2022-45190
- CVE-2022-45192
- CVE-2022-45191
- CVE-2025-26438

Noncompliance as Deviant Behavior: An Automated Black-box Noncompliance Checker for 4G LTE Cellular Devices, (CCS), 2021

Inducted to GSMA Mobile Security Research Acknowledgements (formerly Hall of Fame) [GSMA CVD-2021-0050]
Google Bug Bounty Reward
Samsung Bug Bounty Reward
MediaTek Security Acknowledgements
Qualcomm Security Bulletins
High-severity CVE’s assigned to some of the implementation issues we found in different UE implementations:
- CVE-2021-25471
- CVE-2021-25480
- CVE-2021-40148
- CVE-2021-30344
- SVE-2021-22327
- SVE-2021-22324
- CVE-2022-25685
- CVE-2022-22091

ProChecker: An Automated Security and Privacy Analysis Framework for 4G LTE Protocol Implementations, (ICDCS), 2021.

Opening Pandora’s Box through ATFuzzer: Dynamic Analysis of AT Interface for Android Smartphones, 2019.

5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol, (CCS), 2019.