Samsung Galaxy device owners beware! New flaw could delete all data, make random phone calls

0
3



Samsung Galaxy Android devices may face a new security threat due to a new vulnerability. The new issue has been spotted by Cryptowire on existing Samsung Android devices running Android 9, Android 10, Android 11, or the latest Android 12. Vulnerability has been observed in Native

new vulnerability spotty The cyber security firm may allow any local app on the device (including third party apps with zero permissions) to provide random instructions to Samsung Galaxy devices. A vulnerability has been found in a pre-installed app (in this case the Phone app). The malicious player would be able to execute the instructions as the system user. The vulnerability is affecting Android versions 10, 11 and 12.

The same vulnerability exists on Android 9, although it allows zero-permission third-party apps to provide arbitrary Intent objects. These instructions are sent by the same sensitive pre-installed app to broadcast receiver app components.

How will this affect users?

This vulnerability in the Phone app on affected Samsung devices allows a third-party app (even with zero permissions) to do things like factory reset, call phone numbers, call privileged phone numbers (such as emergency numbers), and install a custom certificate. allows. Right. Any app installed on the phone can gain access to all permissions without the user’s consent.

All these above capabilities are executed programmatically without any user involvement. This is a limited sample of vulnerabilities that have been made accessible to third-party apps through pre-installed vulnerable apps.

Recently phones like Samsung S21 Ultra 5G running Android 12 are affected by this vulnerability.

Devices affected by this vulnerability

Samsung S 21 Ultra 5G (SM-G998U1): Android 12
Samsung S 21 Ultra 5G (SM-G998U1): Android 11
Samsung S10+ (SM-G975F): Android 10
Samsung A10e (SM-A516B): Android 9

Post Samsung Galaxy Device Owners Beware! New flaw could delete all data, random phone call first appears on BGR India.

Leave a Reply