Baseband processors are the components of your mobile phone that communicate with the cellular network. In 2010 I demonstrated the first vulnerabilities in baseband stacks that were remotely exploitable using a fake base station.
Subsequently, people assumed that baseband attacks are attack vectors requiring some physical proximity of the attacker to the target. In this talk we will uproot this narrow definition and show an unexpected attack vector that allows an attacker to remotely exploit bugs in a certain component of the baseband stack over an IP connection. Depending on the configuration of certain components in the carrier network, a large population of smartphones may be simultaneously attacked without even needing to set up your own base station.