Google is warning that some Samsung-powered Android devices are suffering from high-severity vulnerabilities which allow threat actors to compromise the endpoints remotely without user interaction. In a blog post published on the Project Zero website earlier this week, Google’s researchers said that they reported 18 zero-day vulnerabilities found in Samsung’s Exynos Modems in late 2022 and early 2023. Of those 18, four are high-severity, allowing for internet-to-baseband remote code execution. With many organizations relying on mobile devices power their workforce, financially-motivated hackers, as well as state-sponsored threat actors from China and Russia, for example, will seek to exploit these flaws in malicious campaigns of data theft and espionage. “Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim's phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely,” the researchers said. Of the four vulnerabilities, just one has an assigned CVE - CVE-2023-24033. The other three are pending. Given that the Android ecosystem is decentralized, the speed at which the flaws receive patches depends on the manufacturers. Google, for example, has already patched these flaws for its Pixel smartphone lineup, in its March update. For others, such as Samsung, or Vivo, it depends on how fast these companies react. For that reason, Google decided not to share more details about the flaws, in order not to give the attackers any head start. In anticipation of the patch, IT teams who are worried about the flaws can go for a workaround - turning off Wi-Fi calling and Voice-over-LTE (VoLTE) essentially renders the vulnerabilities harmless. Here’s the full list of all the affected devices, as per Google’s Project Zero: Given that the flaws only affect Android devices running on Exynos, the news comes as an unexpected win for Qualcomm, especially in the SMB sector. Whether or not the company capitalizes on the news and how remains to be seen. Via: TechCrunchNo user interaction required
source https://www.techradar.com/news/several-zero-days-are-plaguing-android-devices-with-samsung-chips-warns-google
Read more