In November 2024, someone in Sydney died because their Samsung phone couldn’t connect a Triple Zero emergency call. TPG Telecom reported the fatality as the first documented death directly caused by a firmware bug in dozens of Samsung Galaxy models sold in Australia. This incident is a key part of the broader Australian telecommunications crisis, which revealed critical infrastructure vulnerabilities affecting public safety.
Here’s what happened. The firmware on these devices had Vodafone’s 3G network hardcoded as the only emergency failover route. When Vodafone shut down 3G in late 2023, these phones lost the ability to switch to alternative carrier networks during emergencies. Triple Zero calls just… failed.
And here’s the real problem—11 of the affected models have firmware settings permanently written into the baseband processor. You can’t patch them with software updates. The configuration is baked in. For these devices, software updates don’t work. The phones need to be replaced.
This bug sat there undetected until late 2024, over a year after the 3G shutdown. Testing protocol gaps meant firmware-locked devices remained undetected across three major carriers—TPG, Telstra, and Optus.
The affected devices include Galaxy S7 series, Note 5 series, and a growing list of phones over seven years old. Under Australia’s Emergency Service Call Determination, carriers must block non-compliant devices from all networks after a 28-day notification period.
This incident shows testing gaps in emergency calling compliance, firmware lifecycle risks, and why some technical debt can’t be patched away. If you’re managing mobile device fleets, this matters.
What is VoLTE and how does it handle emergency calls differently from older networks?
VoLTE sends voice as data packets over 4G LTE networks instead of the circuit-switched connections that 2G and 3G used. Emergency calls on VoLTE use a dedicated emergency APN and SIP signalling to prioritise routing through the IMS core network. Unlike the old systems with hardware-based emergency failover, VoLTE emergency routing depends entirely on correct firmware configuration.
The architecture matters because it moves emergency calling from hardware to software control.
In the old 3G networks, when you dialled 000, your phone’s baseband processor automatically scanned available networks independent of what the operating system was doing. The hardware handled emergency failover. Firmware bugs couldn’t block it.
VoLTE changes this. Voice becomes data packets routed through the carrier’s IP Multimedia Subsystem. Your phone establishes an emergency bearer using a dedicated APN that bypasses normal authentication. A SIP INVITE message carries the emergency indication flag, which triggers priority routing to the PSAP—the Public Safety Answering Point.
The catch—every step depends on firmware instructions. Network selection, failover priority, camp-on behaviour, emergency APN configuration. It’s all defined in firmware tables compiled during manufacturing.
The old 3G system gave you automatic network scanning at the hardware level. VoLTE gives you efficiency and better voice quality, but it introduces firmware dependency as a single point of failure.
Carriers and manufacturers must comply with standards ensuring emergency calls work whenever network service is available. The standards assume firmware will be configured correctly and updated when network infrastructure changes.
The Samsung case shows what happens when those assumptions break down.
What caused Samsung phones to fail Triple Zero calls in Australia?
Samsung firmware hardcoded Vodafone’s 3G network as the only emergency call route for network failover. When Vodafone shut down 3G in late 2023, devices on Telstra or Optus networks trying emergency failover searched for a network that no longer existed. The firmware stopped them from switching to available Vodafone 4G or alternative carriers. Emergency calls just failed.
The configuration error lives in the emergency network selection priority table embedded in the device baseband processor. This table defines which carrier networks the phone tries to use for emergency calls when the home network is unavailable.
For these Samsung models, the table said: “Vodafone 3G only.”
No Vodafone 4G configuration. No Telstra or Optus fallback. Just a hardcoded reference to a network that would eventually be decommissioned.
Here’s the failure sequence: You initiate an emergency call on a Telstra or Optus network. Home network unavailable scenario triggers firmware failover logic. Device searches for hardcoded Vodafone 3G. 3G network no longer exists. Emergency call fails with no fallback mechanism.
Galaxy S7 series, Note 5 series, and additional models are in the scope. These devices were sold 7+ years ago. Around 70 Samsung handsets are confirmed affected—11 need complete replacement, 60 can be fixed via software update.
The discovery timeline shows testing failures. TPG initially found a different VoLTE emergency calling issue in late 2023. Telstra’s comprehensive testing in late 2024 revealed the hardcoded Vodafone 3G problem through “advanced technical procedures” that standard mobile tests don’t reliably detect. That’s a year-long gap between 3G shutdown and discovery.
When Telstra found the issue, their statement was blunt: “Why this was configured this way is a question for Samsung and Vodafone.” The emergency call crisis forced carrier operational responses, including Optus’s decision to bring 450 Nokia staff in-house to improve network oversight.
The answer probably lies in technical debt. Design decisions made in 2015-2016 when these models were manufactured. At that time, Vodafone had extensive 3G coverage in Australia. Someone made a firmware template decision that got reused across model years and never updated when network infrastructure evolved.
How does emergency call routing work on mobile networks?
When you dial 000 or 112, the firmware sets a priority flag in the call setup. This activates the emergency bearer and bypasses normal registration requirements. If you’re on your home network, the phone routes directly to the PSAP—the Public Safety Answering Point—through the carrier’s emergency gateway.
But what happens when your home network is unavailable?
This is where firmware-controlled network failover comes in. The device triggers an emergency scan of all available PLMNs—Public Land Mobile Networks. It measures signal strength, ranks available networks, and camps-on to the strongest signal without requiring SIM authentication.
Regulatory requirements mandate multi-carrier emergency access. If you’re an Optus customer but Optus towers are down, your phone should camp-on to Telstra or TPG’s Vodafone network automatically.
The Samsung firmware failure blocked this entire process. When Telstra or Optus customers had home network unavailability, their phones searched only for Vodafone 3G. No PLMN scanning of available networks. No camp-on to Vodafone 4G or alternative carriers.
The phone didn’t tell you. You dial 000, the phone appears to attempt connection, and nothing happens.
That’s what happened in the November 2024 fatality.
Why did firmware lock Samsung phones to Vodafone’s 3G network?
Samsung firmware contained hardcoded emergency network failover configuration that specified Vodafone 3G as the only alternative network for emergency calls. This configuration was likely created when Vodafone had extensive 3G network coverage in Australia during the mid-2010s and never updated. Hardcoded settings are permanently written into firmware memory during manufacturing and can’t be modified through standard over-the-air software updates.
Let’s talk about what “hardcoded” actually means here.
Baseband processor firmware is low-level control software compiled into binary format during manufacturing. Emergency network priority settings live at this level, not in user-configurable OS settings or even semi-configurable modem files.
There’s a configuration hierarchy: Baseband firmware (lowest level, compiled binary) → Modem configuration files (semi-configurable) → OS-level network settings (user-configurable). Emergency settings sit at the baseband level because they need to be reliable. They can’t depend on OS state or user modifications.
The tradeoff is that baseband firmware is permanent. You can’t change it with a settings update or even most over-the-air updates.
So why did Samsung choose Vodafone 3G specifically?
During 2015-2016 when these models were manufactured, Vodafone operated the most extensive 3G network coverage in Australia. If you were designing emergency failover configuration, Vodafone 3G was a reasonable choice for alternative network access.
Someone made that decision, compiled it into firmware, and moved on. The configuration likely got reused as a template across multiple model years because emergency network tables don’t change often.
Until they have to.
Devices beyond the manufacturer support lifecycle don’t get baseband firmware updates. Samsung discontinued security and firmware updates for these devices years ago. They’re 7+ years old. No OTA update path exists for baseband firmware on legacy models.
Even if Samsung wanted to fix it, the update would require complete baseband processor reflashing using manufacturer-specific tools and security keys that aren’t available for consumer devices. The cost and risk of attempting this for discontinued models exceeds device replacement value.
The technical debt compounds over a 7+ year lifecycle. Network infrastructure assumptions made in 2015 broke in 2023. The firmware had no update path. And testing protocols didn’t catch it.
What is camp-on and why is it necessary for emergency calls?
Camp-on lets mobile devices temporarily register and connect to any available carrier network for emergency calls, even without a valid SIM or roaming agreement. Mobile network engineers describe camp-on as the automatic network switching capability that makes emergency calling work when your carrier’s network fails.
Here’s the process: Firmware scans for all carrier broadcast signals. Measures signal strength. Ranks available networks. Selects the best candidate. The device sends an emergency attach request. The network validates without requiring SIM authentication. Temporary emergency bearer established. Call completes. De-registration after call completion.
Australian regulations mandate multi-carrier emergency access through the Emergency Service Call Determination.
Look at the Optus outage in September 2024. Network infrastructure failure left customers unable to call emergency services for 14 hours. Three people died. If camp-on worked properly, those devices should have automatically switched to Telstra or TPG networks.
Coverage gaps in rural areas, network congestion during disasters—camp-on provides redundancy when you need it most.
The Samsung firmware failure broke all of this. The hardcoded Vodafone 3G configuration prevented PLMN scanning of available networks. Complete camp-on failure.
Why can some Samsung firmware bugs not be fixed with software updates?
Firmware is low-level control software embedded in the baseband processor—compiled into proprietary binary format during manufacturing, cryptographically signed with security certificates. Software is the OS and applications running on top. Different update mechanisms, different security controls.
OTA updates target the software layer and semi-configurable modem files. They can’t modify compiled baseband firmware binaries. The emergency configuration in affected Samsung devices is compiled into the firmware binary at manufacture time. No runtime configuration API exists.
Around 60 of the 71 affected handsets can be fixed because their emergency configuration is in updateable modem files. But 11 models have it hardcoded in baseband firmware. For those, software updates don’t work.
The affected devices were released in 2015-2017. They’re beyond any support lifecycle. Reflashing baseband firmware requires Samsung proprietary tools, security certificates, and signing keys that aren’t public. For 7+ year old phones, the cost exceeds device replacement value.
The technical debt lesson: hardcoded values create long-term liabilities. Network infrastructure assumptions made in 2015 broke in 2023.
For the 11 Samsung models with hardcoded Vodafone 3G configuration, the phones need to be replaced.
How do mobile networks test emergency calling capabilities?
The Samsung firmware issue remained undetected for over a year because carriers’ testing protocols failed to validate emergency failover to non-home networks in 3G shutdown scenarios.
Comprehensive testing requires six phases: home network emergency calling, network unavailable simulation, camp-on verification, cross-carrier emergency routing, technology variant testing (VoLTE, 3G, 2G), and edge cases (removed SIM, expired SIM, roaming).
TPG discovered Samsung devices had an emergency calling issue but identified a different problem than the hardcoded Vodafone 3G configuration. Telstra’s comprehensive testing with home network disabled revealed the hardcoded configuration. This happened in late 2024, over a year after the 3G shutdown.
The testing gaps are systemic. No standardised inter-carrier emergency testing protocols exist. ACMA has now introduced more stringent rules requiring carriers to test network switching during emergencies.
If you’re managing corporate mobile device fleets, implement enterprise device testing protocols: quarterly emergency calling audits, test with home network disabled, verify camp-on to alternative carriers, document results.
During network technology transitions—4G to 5G is coming next—implement dedicated testing windows. The fleet management implications for organisations with mobile devices go beyond consumer safety to operational resilience and regulatory compliance.
The cost has already been measured in lives lost.
What is the Triple Zero custodian and what powers do they have?
The Emergency Call Service custodian, currently Telstra, operates Australia’s Triple Zero emergency call network under government contract. ACMA regulates emergency calling through the Emergency Service Call Determination, which mandates blocking devices that can’t reliably complete emergency calls.
Here’s what happens when a device fails emergency calling:
Carrier identifies non-compliant devices via IMEI—International Mobile Equipment Identity. Sends SMS and email warnings. Provides 28-35 day remediation period with update instructions or replacement offers. Adds IMEI to national blocking database. Device gets blocked from all Australian networks, not just home carrier.
For the Samsung incident, ACMA mandated blocking of affected devices. Samsung is obligated to provide device replacement programmes.
New requirements starting November 1, 2024 include real-time reporting of outages to ACMA and emergency services. Mandatory improvement plans after Triple Zero outages. Testing during network upgrades and maintenance.
The regulatory framework is tightening in response to repeated failures—the Optus outages, the Samsung firmware issue, and others.
FAQ Section
How do I know if my Samsung phone can make emergency calls properly?
Check Samsung’s official announcement and your carrier’s (Telstra, Optus, TPG) affected device lists. If your device is affected, you’ll receive SMS/email notification from your carrier. You can also check if your phone successfully registers on alternative carrier networks in settings, but DO NOT test by calling actual emergency numbers. Affected models primarily include Galaxy S7 series, Note 5 series, and selected devices over 7 years old.
What should I do if my Samsung phone is on the affected devices list?
Follow your carrier’s instructions immediately. Most devices can receive a firmware update via Settings → Software Update. If your device has hardcoded firmware, it can’t be fixed with software updates and you must accept the free replacement phone offered by your carrier. Don’t ignore notifications—your device will be blocked from all Australian networks after the 28-35 day notification period, making it unusable for all calls.
Can I still use my blocked Samsung phone with a different carrier?
No. ACMA Emergency Service Call Determination requires devices to be blocked by IMEI (device hardware identifier) across all Australian carriers. If your device is blocked by one carrier for emergency calling non-compliance, it’s blocked by all carriers. International use may still be possible, but the device is permanently unusable on Australian networks.
Why didn’t Samsung discover this firmware bug before selling the devices?
The firmware configuration was created when Vodafone’s 3G network was operational and provided extensive coverage in the mid-2010s. The bug was latent—it only showed up when Vodafone decommissioned 3G in late 2023, years after the affected devices were sold and exceeded their support lifecycle. Emergency call failover testing wasn’t comprehensive enough to detect hardcoded network configurations in scenarios simulating complete network technology shutdowns.
What is the difference between VoLTE emergency calling and legacy 3G emergency calling?
Legacy 3G emergency calling used circuit-switched voice networks with hardware-based automatic network scanning by the baseband processor, independent of firmware configuration. VoLTE emergency calling transmits voice as data packets over 4G LTE networks, requiring explicit firmware instructions for network selection, emergency bearer configuration, and camp-on behaviour. VoLTE is more efficient but introduces firmware dependency risks, as the Samsung incident demonstrates.
Will this firmware issue affect newer Samsung phones?
Newer Samsung devices—generally those released after 2018 and still receiving security updates—use updated firmware architecture with dynamic emergency network configuration rather than hardcoded settings. These devices receive regular firmware updates and are tested against current emergency calling standards. However, the incident highlights the importance of ongoing testing during network transitions and comprehensive emergency failover validation for all device models.
Can I test my corporate mobile devices for emergency calling compliance?
Yes. Implement quarterly emergency calling audits using non-emergency test numbers where available, or coordinate with carriers for controlled testing. Testing should verify: home network emergency calling, network unavailable scenarios (simulated by disabling home network in device settings), camp-on to alternative carriers, and cross-technology validation. Document all test results for compliance records and regulatory audits.
What lessons should I learn from this incident for managing corporate device fleets?
Key lessons: (1) Emergency calling compliance must be validated during procurement and periodically re-tested, especially during network technology transitions. (2) Device lifecycle planning should account for firmware update support timelines and regulatory compliance requirements. (3) Hardcoded firmware settings create long-term technical debt and compliance risks. (4) Vendor support commitments for emergency-related features should exceed typical commercial support windows. (5) Multi-carrier emergency failover testing is necessary, not just home network validation. (6) Regulatory compliance is non-negotiable—blocked devices become completely unusable, creating business continuity risks.
Why did it take over a year to discover this firmware issue?
Testing protocol gaps meant carriers tested emergency calling primarily on home networks rather than comprehensive multi-carrier failover scenarios. TPG discovered an issue in late 2023 but identified a different problem. Telstra’s more comprehensive testing in late 2024 revealed the hardcoded Vodafone 3G configuration. The year-long gap highlights inadequate testing protocols, lack of standardised inter-carrier emergency testing requirements, and insufficient regulatory guidance on testing scope and frequency during network technology transitions.
Are other phone manufacturers affected by similar firmware issues?
While the Samsung hardcoded Vodafone 3G issue is unique to specific Samsung models, emergency calling firmware configuration is a potential risk across all manufacturers. The incident prompted ACMA and carriers to expand testing to other manufacturers and device models. Request emergency calling compliance documentation from all device vendors. Prioritise manufacturers with longer firmware update commitments. Implement independent emergency calling validation testing regardless of vendor claims.
What happens to my data if my Samsung phone is blocked?
Device blocking prevents network connectivity—calls, SMS, mobile data—but doesn’t affect the phone’s local functionality or stored data. You can still access photos, contacts, apps, and files. Before accepting a replacement phone, back up all data via Wi-Fi to cloud services (Google Drive, Samsung Cloud) or transfer to computer via USB. Carriers and Samsung provide data transfer tools and support during the replacement process.
The Samsung VoLTE firmware failure is a technical manifestation of deeper problems in telecommunications infrastructure, testing protocols, and regulatory oversight. For a comprehensive overview of how triple zero failures exposed systemic vulnerabilities across Australia’s telecommunications ecosystem, see our analysis of the broader crisis and what needs to change.
