The problem of today’s limited competition in the 5G chip space (partly due to 5G chips being used in the trade war between the US and China) is that most vendors use 5G chips from Qualcomm or Mediatek (both chip-makers from Taiwan), as those are “approved” and not subject to US chip-act sanctions.
Singapore University of Technology and Design (SUTD) has published a total of 14 backdoors for “US-approved” 5G modems made by Qualcomm and Mediatek. Speculation runs wild that these vulnerabilities are as designed to create backdoors for NSA/CIA spying.
Due to the current situation and trade restrictions, this means a huge set of 5G phones are vulnerable and need patches to circumvent the flaws and security holes.
Apple is also one of the affected vendors with most 5G models affected. But as most vendors these days are more or less restricted to Mediatek or Qualcomm modems due to the sanctions, trade war, and limited competition allowed, models from most vendors are affected. Apart from Apple, Samsung, Vivo, Xiaomi, Sony, Huawei, ZTE, Oppo, LG, Motorola, Sharp, Asus, etc., are also affected.
Apple phones are currently still unpatched, so users are currently at risk for these backdoors.
More details on the security issues can be found at https://asset-group.github.io/disclosures/5ghoul/disclosure.html