By first in-use booting Mobile Stations normally get the config parameters from the Mobile Network Operator by CP-messages. We struggle with a case of silently installing Certificate Management Protocol version 2 (CMPv2) configs without awaiting users agreement and confirmation by clicking 'istalling' or 'aborting'.
Who knows profoundly how this can happen?
Actually we verify if an IMSI-catcher is running in this LTE Tracking Area but seems to be a new
form of stingray application trying to misconfigure the Mobile Station. A look into settings reveals
the installed CP-messages as during local night hours delivered.
Sorry for a confusing issue, but we struggle to understand.
If you are new but interested in LTE security, see here
https://