Vulnerability patch sysmoEUICC1 product

maximushugus commented

2025-07-13 11:30:35 +02:00

Hello,

Sysmocom recently discovered a vulnerability on e-sim sysmoEUICC1 products : sysmoEUICC1-C2G, sysmoEUICC1-CMG, and sysmoEUICC1-C2T.

Here is the communication from sysmocom :

Dear customer,
we regretfully have to inform you that recent research has uncovered a security vulnerability in the Card Operating System sysmocom licensed from Kigen for use in the symsoEUICC1 products, and defensive mitigation measures by applying the attached patch are strongly recommended.
We are reaching out as you have previously purchased this product from us in order[s] XXXX/XXXXXXX.
Please make sure this e-mail with all of its attachments is forwarded to the person technically responsible for the use of the affected product in your organization.
Thanks for your kind attention.

I attached the PDF sysmoEUICC1 security bulletin below.

There is a patch for thoses e-SIM card given by sysmocom itself, dicribed in the PDF :

Kigen has provided a patch for the existing sysmoEUICC1. The patch consists of a very short sequence of APDUs that need to be sent to the EUICC. This can be done e.g. by inserting the sysmoEUICC1 in a smart card reader attached to a computer and executing a pySim-shell to perform the patching of the card.
For sysmoEUICC1-C2G/C2M deployed in remote devices in the field, it is recommended to apply
the patch from the operating system that controls the cellular modem in the device. All that is
neede is e.g. a few AT commands (AT+CSIM) to issue the patch APDUs towards the eUICC.

Below is the script given by sysmocom : sysmoEUICC1-patch-202507.txt

Would it be possible to integrate a way to apply this patch in OpenEUICC ?

Thanks

Hello, Sysmocom recently discovered a vulnerability on e-sim sysmoEUICC1 products : sysmoEUICC1-C2G, sysmoEUICC1-CMG, and sysmoEUICC1-C2T. Here is the communication from sysmocom : > Dear customer, we regretfully have to inform you that recent research has uncovered a security vulnerability in the Card Operating System sysmocom licensed from Kigen for use in the symsoEUICC1 products, and defensive mitigation measures by applying the attached patch are strongly recommended. We are reaching out as you have previously purchased this product from us in order[s] XXXX/XXXXXXX. Please make sure this e-mail with all of its attachments is forwarded to the person technically responsible for the use of the affected product in your organization. Thanks for your kind attention. I attached the PDF sysmoEUICC1 security bulletin below. There is a patch for thoses e-SIM card given by sysmocom itself, dicribed in the PDF : > Kigen has provided a patch for the existing sysmoEUICC1. The patch consists of a very short sequence of APDUs that need to be sent to the EUICC. This can be done e.g. by inserting the sysmoEUICC1 in a smart card reader attached to a computer and executing a pySim-shell to perform the patching of the card. For sysmoEUICC1-C2G/C2M deployed in remote devices in the field, it is recommended to apply the patch from the operating system that controls the cellular modem in the device. All that is neede is e.g. a few AT commands (AT+CSIM) to issue the patch APDUs towards the eUICC. Below is the script given by sysmocom : sysmoEUICC1-patch-202507.txt Would it be possible to integrate a way to apply this patch in OpenEUICC ? Thanks

sysmoEUICC1 security bulletin 2025⁄07.pdf

202 KiB

sysmoEUICC1-patch-202507.txt

1.9 KiB