The National Information Technology Development Agency (NITDA) has alerted Nigerians and the global tech community about a critical security vulnerability in embedded SIM (eSIM) technology that threatens over two billion devices, including smartphones, tablets, wearables, and Internet of Things (IoT) gadgets.
The warning was issued on August 23, 2025, emphasizing the urgent need for device makers and service providers to take immediate action.
The flaw, traced to the GSMA TS 48 Generic Test Profile (version 6.0 and earlier), exposes eUICC (Embedded Universal Integrated Circuit Card) chips to cyberattacks by allowing malicious actors to gain either physical or remote access to devices. If exploited, attackers could install harmful applets, extract sensitive cryptographic keys, or even clone eSIM profiles, leading to widespread communication interceptions and unauthorized device control.
NITDA stressed that the vulnerability affects billions of devices globally, making it one of the most severe cybersecurity threats in recent times.
This is a wake-up call for all stakeholders to act swiftly. Leaving this vulnerability unchecked could compromise national communication infrastructures and personal data privacy – said Dr. Amina Bello, NITDA’s Director of Cybersecurity
A Lagos-based mobile user, Chinedu Okoro, shared his concerns
I’ve been using an eSIM for over two years now. Knowing there’s such a vulnerability is unsettling, but I trust that updates will keep us safe. It’s vital for operators to communicate clearly with users like me
Cybersecurity experts explained that as eSIM technology expands, so too must the rigor of security measures.
eSIMs represent the future of connectivity, but their embedded nature means vulnerabilities at the chip level can have far-reaching consequences. Immediate remediation and ongoing vigilance are non-negotiable – Professor Ifeanyi Umeh, a leading cybersecurity analyst at the University of Lagos.
NITDA plans to intensify collaboration with local telecom operators and international bodies to monitor developments and support implementation of necessary security patches. The agency also urges consumers to stay alert for official updates and to apply device updates promptly.
Dr. Bello called on all Nigerians and global partners to prioritize these updates and work together to safeguard Nigeria’s communication networks.
