According to research published by Positive Technologies detailing Diameter's use among mobile networks across the globe, the protocol's features are rarely used.

This is because 4G operators are misconfiguring the Diameter protocol - an SS7 replacement - and using it in the same way as SS7. The incorrect use of Diameter leads to the presence of several vulnerabilities in 4G networks that resemble the ones found in older networks that use SS7, and which Diameter was supposed to prevent.

The report said that the Diameter misconfigurations they've spotted inside 4G networks are in many cases unique for each network but they usually repeat themselves to have them organised in five classes of attacks:

(1) subscriber information disclosure

(2) network information disclosure

(3) subscriber traffic interception

(4) fraud

(5) denial of service.

Researchers warn that not fixing these vulnerabilities "could lead to sudden failure of ATMs, payment terminals, utility meters, car alarms, and video surveillance". This is because these types of devices often use 4G SIM card modules to connect to their servers when located in a remote area where classic Internet connections are not possible. Old SS7 attacks such as tracking users' location and intercepting SMS and phone calls are also possible via Diameter as well.

Positive Technologies warns that with the rise of the Internet of Things devices, some of which rely on 4G connections when a WiFi network is not in range, such flaws are the equivalent of having an open door for hackers to target such equipment via the 4G network.