Vulnerability in O2's 4G Calling Service Allowed User Location Tracking

A vulnerability in the 4G Calling (VoLTE) service of the British telecom operator O2 allowed the disclosure of user location data through network responses due to a poor implementation of the IMS standard. This vulnerability enabled the location of any O2 customer with a simple phone call. The flaw affected the VoLTE service, which allows voice calls over the 4G network. The specific technical details of the vulnerability have not been disclosed, but it is related to a poor implementation of the IMS (IP Multimedia Subsystem) standard.