Top Ad unit 728 × 90

Breaking News


Google’s Project Zero Uncovers Major Security Flaws in Samsung's Exynos

Google’s Project Zero, the tech giant’s security research team, has discovered several vulnerabilities in Samsung modems that power devices like the Pixel 6, Pixel 7, and some models of the Galaxy S22 and A53. The vulnerabilities could allow hackers to remotely compromise a phone at the baseband level with no user interaction, leaving users vulnerable to silent and remote attacks. Despite the severity of the issue, it seems like Samsung is dragging its feet on fixing it.

Google has released a security update for Pixels in March, which should patch the problem, but it’s not yet available for the Pixel 6, 6 Pro, and 6a. According to the researchers, several mobile devices, wearables, and vehicles using the Exynos W920 chipset could also be at risk.

  • Mobile devices from Samsung, including those in the Galaxy S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
  • Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series
  • any wearables that use the Exynos W920 chipset
  • any vehicles that use the Exynos Auto T5123 chipset

If your phone uses one of the vulnerable modems, Project Zero advises turning off Wi-Fi calling and Voice-over-LTE to protect yourself. But, it’s worth noting that only devices with Exynos modems are vulnerable. Phones sold outside of Europe and some African countries with Qualcomm processors should be safe from these specific issues.

While security researchers traditionally wait for a fix to be available before announcing the bug, it appears that Project Zero has taken a different approach. The team released the details of the vulnerabilities without any patch in sight. In total, Project Zero found 18 vulnerabilities in the modems. Four of them are particularly bad, allowing “Internet-to-baseband remote code execution,” while the rest require a malicious mobile network operator or an attacker with local access to the device.

If you own a Samsung device, especially one with an Exynos modem, it’s essential to be aware of these vulnerabilities and take steps to protect your data.

(via: The Verge)

No comments:

Comments on GameOPS are moderated. Please keep your comments relevant to this blog entry.

If you don't have a Google, LiveJournal, Wordpress, AIM, Typepad or OpenID account, please choose NAME/URL when posting a commment. Anonymous comments will be rejected.

Proud member of 9rules

Contact Form


Email *

Message *

Powered by Blogger.