Google’s security research unit is warning Android device owners that a set of vulnerablities found in Samsung chips used in dozens of Android models, wearables, and vehicles could soon be discovered and exploited. The vulnerabilities could allow an assailant access to critical data stored on the devices, including personal information and phone contacts. If left unaddressed, these vulnerabilities could lead to widespread insecurity across a wide range of devices.
One top-severity zero-day vulnerability that could compromise affected devices “silently and remotely” over the cellular network found by in-house security researchers at Google Project Zero is a flaw in Exynos modems produced by Samsung. This vulnerability could allow an attacker to take complete control of an infected device, password protect it, or even disable the device entirely.
The four publicly disclosed vulnerabilities found by Project Zero in Android phones are alarming and could allow any hacker to remotely compromise a device, bypass security measures, and even steal valuable data. Although no user interaction is required for these attacks, victims may be at risk if their phones are connected to the internet or if they store personal information on the devices.
This ability would give an attacker a very clear view into the activities of the victim, without notification. This could include intercepting cellular calls and text messages, as well as accessing data traffic flowing in and out of the device.
Concerns over the severity of a recently disclosed vulnerability by Google have sparked debate on what constitutes as high severity and whether or not it is necessary for security researchers to issue warnings before patches are released. Google’s disclosure specifically referenced the risk an attacker could quickly create an operational exploit with limited research and effort, raising questions about what qualifies as a high-severity vulnerability. While many would argue that any flaw which can be exploited by malicious actors merits immediate action, others argue that issuing public warnings might unnecessarily alarm unsuspecting users and result in less security improvements overall.
Following criticism from researchers and the public, Samsung has been given 90 days to fix a number of security holes found in its devices. Given the severity of these bugs, it is surprising that Samsung has yet to release a software update to fix them all. The company has been urged to expedite the process by publishing patches for users as soon as possible in order to protect them from potential attacks.
Samsung has confirmed that several of their Exynos modems are vulnerable to a malware attack that could affect many Android devices manufactured by different manufacturers. Samsung provided little other information about the vulnerability, other than to say that they are working on a solution. While no specific device models have been identified as being affected, it is possible that anyone who uses an Android device with one of these Exynos modems could be at risk.
Samsung has confirmed that their devices are affected by a security issue, which could allow unauthorized users to access sensitive information. The issue affects nearly a dozen Samsung models and Vivo devices, as well as Google’s own Pixel 6 and Pixel 7 handsets. Affected vehicles that rely on the Exynos chip for connecting to the cellular network are also included in this list. Samsung is currently working on a fix for this problem, so users should be cautious until the update is available.
Many Pixel devices have already received patches for the March security updates, but some Android devices may not be updated. Google recommends that all users update theirdevices as soon as possible to stay safe from potential Threats.
Some people may still be using devices that are vulnerable to these exploits, but Google is urging users to take protective measures by disabling Wi-Fi calling and VoLTE in their device settings.
According to Google, the remaining 14 vulnerabilities are not as severe as the other 13. They require either access to a device or have insider or privileged access to a cell carrier’s systems.