During my time at Ruhr University Bochum, while working for David Rupprecht, we did some research on downgrade attacks in 4G and 5G networks.
In our paper “Bidding-Down Attacks and Mitigations in 5G and 4G”, we examine how mobile devices and networks can be pushed into older RAN generations, including full downgrades from 5G to 2G. We show how to exploit protocol-level weaknesses that cannot be changed anymore. We show that even modern devices and live networks remain exposed to both intra- and inter-generation downgrade vectors, and we provide concrete test cases, specification gaps, and mitigation strategies based on our findings. This research complements the practical focus of my telco test lab series, highlighting the security challenges that real-world deployments must address to build resilient and future-proof networks.