Given how common government surveillance is these days, enabled especially by certain companies that consider themselves pioneers in the 5G space, I am not overly convinced that this functionality is unintentional.
Interesting how the GSMA claim that these vulnerabilities are "judged as nil or low-impact in practice". It doesn't sound like low-impact if used to target specific people.
The GSMA is an industry body for coordinating interoperating standards. You couldn’t even say it has been “compromised” because it doesn’t really have any social mandate.
GSMA represents network operators. They don't coordinate standard.
3GPP makes the spec and sends it for ITU for ratification. 3GPP has 7 organizational partners: USA represented by ATIS, ETSI for EU and CCSA for China. GSMA is one of the 17 invited market representation partners who can provide advice and participate in consensus decision making but have no vote.
Interesting how the GSMA claim that these vulnerabilities are "judged as nil or low-impact in practice". It doesn't sound like low-impact if used to target specific people.