In a blog post, Google’s Project Zero security research team pointed out the vulnerabilities in Samsung’s Exynos chip modem. Four of the 18 reported security issues with the system-on-a-chip are critical enough that an attacker could use them to gain access to a victim’s phone with just their phone number.
Security researchers usually disclose vulnerabilities after they’ve fixed them. However, Samsung seems to be a bit late in this regard. Maddie Stone The Project Zero researcher tweeted that 90 days after the vulnerability was discovered, users still have not received a software patch to fix this problem.
According to the researchers, if hackers exploit the vulnerable Exynos chips, the following devices are at risk of remote access vulnerability:
– Galaxy A12, Galaxy A13, Galaxy A21, Galaxy A33, Galaxy A53, Galaxy A71, Galaxy M13, Galaxy M33, Galaxy S22 and Samsung Galaxy A04.
– Vivo X60, X70, S6, S15, S16 and X30 phones.
– series Pixel 6 and Pixel 7.
– All wearable products with Exynos W920 chip.
– All cars equipped with Exynos Auto T5123 chip.
to report AndroidauthorityGoogle fixed the Exynos chip security issue in the March security update for the Pixel 7 series. However, the said update is not yet available for the Pixel 6 series.
Project Zero noted in its report that with additional research and development, attackers could quickly create an operational exploit for affected devices that would allow them to remotely access the target device invisibly.
Google suggests turning off Wi-Fi calling and VoLTE on your smartphone until the security patch is released.
Source link
