O2 UK Fixed VoLTE Flaw that Exposed User Mobile Location Data UPDATE
June 28, 2025

Vulnerability details: CVE-2024-53026 is a vulnerability affecting O2 UK’s VoLTE/IMS service, disclosed in mid-May 2025. It is rated Low, with a CVSS v3 score of 3.5: limited impact on confidentiality and no effect on integrity or availability.

What Happened?

When one user places an IMS call, the network improperly exposes a “Cellular-Network-Info” SIP header. The header includes the utran-cell-id-3gpp value, essentially the E-UTRAN Cell Identity (Cell ID) of the handset that receives the call. With the leaked Cell ID, attackers (or even regular users) can approximate the physical location of the called party. In dense urban areas, a single Cell ID may correspond to a very small geographic area.

How was it fixed?

O2 has since removed the header in line with ETSI telecom standards (specifically Section 4.4.19 of ETSI TS 124 229) and has patched their VoLTE/IMS network to no longer include this Cell ID in SIP headers.

The solution was purely network-side, requiring no end-user updates.
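A network-side check of this kind can be sketched as a filter that flags and drops the header before a SIP message leaves the trusted network. This is an added example, not O2's code or anything from the original post. The function names, the sample message and its cell ID value are constructed for illustration.

```python
import re

# Header name taken from the page; matching is case-insensitive.
LOCATION_HEADERS = {"cellular-network-info"}
CELL_ID_RE = re.compile(r"utran-cell-id-3gpp=([0-9A-Fa-f]+)")

def split_message(raw):
    """Return (start_line, [(name, value)], body), unfolding folded headers."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        if line[:1] in (" ", "\t") and headers:
            # A line starting with whitespace continues the previous header.
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
        else:
            name, _, value = line.partition(":")
            headers.append((name.strip(), value.strip()))
    return lines[0], headers, body

def audit_and_strip(raw):
    """Return (findings, sanitized message) for one raw SIP message."""
    start, headers, body = split_message(raw)
    findings, kept = [], []
    for name, value in headers:
        if name.lower() in LOCATION_HEADERS:
            match = CELL_ID_RE.search(value)
            findings.append((name, match.group(1) if match else None))
        else:
            kept.append(f"{name}: {value}")
    sanitized = "\r\n".join([start] + kept) + "\r\n\r\n" + body
    return findings, sanitized

# Constructed sample: test addresses, test PLMN 001/01, made-up cell ID.
SAMPLE = (
    "SIP/2.0 200 OK\r\n"
    "Via: SIP/2.0/TCP 192.0.2.10:5060;branch=z9hG4bK-example\r\n"
    "From: <sip:alice@ims.example.net>;tag=a1\r\n"
    "To: <sip:bob@ims.example.net>;tag=b2\r\n"
    "Call-ID: constructed-call-id@192.0.2.10\r\n"
    "CSeq: 1 INVITE\r\n"
    "Cellular-Network-Info: 3GPP-E-UTRAN-FDD;\r\n"
    " utran-cell-id-3gpp=00101ABCD1234567\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)
```

The sample deliberately folds the header across two lines, since a filter that only matches single-line headers would let the cell ID through.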

Reading the SIP details carefully is always useful. 😀
