Google Warns Users Of Some Of The Most Popular Android Phones To Protect Themselves Against Remotely Exploitable Flaws
Google’s security research unit has sounded an alarm against a very serious threat in some popular android mobile phones. Basically, the team found some vulnerabilities in dozens of android models, wearables, and even vehicles, the feared these flaws could soon be discovered and taken advantage of.
Google’s project zero head Tim Willis in the security researchers team found and reported 18 zero-day vulnerabilities in Exynos modems produced by Samsung over the past few months, including the four top severity flaws that could compromise the affected devices silently and remotely, and it can be done through the cellular network.
“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction and require only that the attacker know the victim’s phone number,” Willis said.
Essentially, the Exynos modems that convert cell signals to digital data, by gaining the ability to remotely run code at a device’s baseband level, an attacker would be able to gain access to the data flowing in and out of an affected device, including cellular calls, text messages, and cell data as well, without alerting the victim in any way
As disclosures go, it is rare to see Google or any other security research firm sound the alarm on such a threat before they are patched, google noted the risk to the public while stating that skilled attackers “would be able to quickly create an operational exploit” with a limited requirement of effort.
Project Zero researcher Maddie Stone tweeted that Samsung had 90 days to patch the bugs, but they are yet to do so.
Samsung confirmed in a march 2023 security listing that several Exynos modems are vulnerable, and affecting several android device manufacturers but provided a little detail about other things.
According to project zero, affected devices include nearly a dozen Samsung models, vivo devices, and Google’s own Pixel 6 and 7 models. Affected devices also include wearables and vehicles that rely on Exynos chips for connecting to cellular networks. This is the list of affected devices but keeps in mind that it doesn’t end here,
- Samsung mobile devices, including the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series;
- Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series;
- Google Pixel 6 and Pixel 7 series;
- Connected vehicles that use the Exynos Auto T5123 chipset,
Google further said that the patches will be depending wholly on the manufacturer of these devices but noted that pixel devices have already been patched with its March security updates.
Until affected manufacturers push software updates to their users, Google has said that the users who wish to protect themselves and are aware of the magnitude of damage that can potentially be done can simply switch off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings, this will remove the exploitation risk of these vulnerabilities according to Google.
“Due to a very rare combination of level access these vulnerabilities provide and the speed with which we believe a reliable operational exploit could be crafted, we have decided to make a policy exception to delay disclosure for the four vulnerabilities that allow for internet-to-baseband remote code execution,” Willis wrote in a blog post.
Google further said that the remaining 14 vulnerabilities were less severe than this since they required either access to a device or insider access to a cell carrier’s systems. Protecting personal devices is extremely important because of the rise in hybrid and remote work, especially in the last years, with mobile phones more likely to contain sensitive information related to their business or their jobs.
Samsung sent an update email to TechTarget Editorial.
“After determining 6 vulnerabilities may potentially impact select Galaxy devices, of which none were ‘severe,’ Samsung released security patches for 5 of these in March. Another security patch will be released in April to address the remaining vulnerabilities,” said Samsung.
“As always, we recommend that all users keep their devices updated with the latest software to ensure the highest level of protection possible.”