Google Says Samsung, Pixel and Vivo Phones at Risk Due To Vulnerable Exynos Chips – Gulf Insider

Google’s Project Zero security research team has discovered 18 security concerns related to Samsung’s Exynos chipsets that are used in smartphones, mobile devices, wearables and cars.

Four of the 18 reported vulnerabilities are critical and could let cyber criminals hack smartphones remotely, with only the help of the user’s phone number.

Tim Willis, head of Project Zero, said tests conducted by the company confirmed that those four vulnerabilities allow a hacker to “remotely compromise a phone at the baseband level with no user interaction”.

“With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely,” Mr Willis said.

See also  Bahrain: Brave CF President Receives Keys To Colombian City - Gulf Insider

However, the report revealed, the 14 other vulnerabilities are not as severe, as they require either a malicious mobile network operator or an attacker with local access to the device.

Affected mobile devices include South Korean company Samsung’s S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series phones.

Other devices include Chinese brand Vivo’s, S16, S15, S6, X70, X60 and X30 series phones; Google’s Pixel 6 and Pixel 7 series phones; and any vehicles that use the Exynos Auto T5123 chipset.

Under its standard disclosure policy, Project Zero discloses security vulnerabilities to the public a set time after reporting them to a software or hardware vendor.

What will be the patch timeline?

It’s still not clear.

See also  5 Signs of Dementia To Never Ignore, According to a Neuroscientist - Gulf Insider

Project Zero researchers expect that patch timelines will vary per manufacturer. For example, affected Pixel devices have already received a security update this month. Although Google has already patched the issues for Pixel 7 series phones, the update has not reached the Pixel 6 series phones yet.

In the meantime, Google recommends that users with affected devices can protect themselves from the vulnerabilities by turning off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. VoLTE is how phones and carriers transmit our voices during a call.

See also  Lifting the suspension of direct and indirect travel of Citizens to Indonesia - Ministry of Interior

“We encourage end users to update their devices as soon as possible, to ensure that they are running the latest builds that fix both disclosed and undisclosed security vulnerabilities,” Mr Willis said.

Samsung, which was the largest smartphone manufacturer last year, and other vendors have yet to resolve the issues affecting the Exynos chips.

In September last year, Samsung said it suffered a cyber security breach in July that exposed the personal information of some customers in the US.




Source link


Works as an in-house Writer at Gulf Tech Plus and focuses on the latest smart consumer electronics. Closely follows the latest trends in consumer IoT and how it affects our daily lives. You can follow him on Facebook, Instagram & YouTube.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button