comscore Google warns against 18 bugs for Android users found in Samsung Exynos chips
News

Google warns users against 18 bugs in mass-level Android phones

News

Tests conducted by Project Zero confirmed that those four vulnerabilities allow an attacker to remotely compromise a phone.

Highlights

  • The affected mobile devices are from Samsung, Vivo, Google (Pixel 6 and Pixel 7 series); any wearables that use the Exynos W920 chipset.
  • Tests conducted by Project Zero confirmed that those four vulnerabilities allow an attacker to remotely compromise a phone.
  • Google expects that patch timelines will vary per manufacturer, and affected Pixel devices have already received a fix.
GOOGLE

Google adds contact photos to conversation threads in messages

Google security teams have discovered 18 zero-day vulnerabilities in Samsung Exynos chips used in several top Android smartphones and wearables that may put those devices at risk. Google’s Project Zero head Tim Willis said in a blog post that the four most severe of these vulnerabilities “allowed for Internet-to-baseband remote code execution”. Also Read - Samsung Galaxy F14 5G with Exynos 1330 SoC and 6,000mAh battery unveiled

Google warns Android users against 18 bugs in Samsung Exynos chips

Tests conducted by Project Zero confirmed that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. Also Read - Twitter Blue is now available globally: Check price, features

With limited additional research and development, “we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely”, said Google security researchers. Also Read - How to block call from unknown number on iPhone, Android smartphone

“Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings,” said Willis.

Turning off these settings will remove the exploitation risk of these vulnerabilities, he added.

The affected mobile devices include:

  • Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series;
  • Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
  • The Pixel 6 and Pixel 7 series of devices from Google;
  • any wearables that use the Exynos W920 chipset; and
  • any vehicles that use the Exynos Auto T5123 chipset.

Google expects that patch timelines will vary per manufacturer, and affected Pixel devices have already received a fix.

“As always, we encourage end users to update their devices as soon as possible, to ensure that they are running the latest builds that fix both disclosed and undisclosed security vulnerabilities,” said Google.

–With inputs from IANS

  • Published Date: March 17, 2023 10:30 AM IST
For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow Techlusive India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.

Most Popular

Amazon Premium Electronics Days sale: Check top deals

Krafton s New State Mobile gets March update: What s new

Airtel 5G Plus arrives is now available in 500 Indian cities: Check list

Twitter Blue goes global as legacy blue ticks get ready for sunset

No, it s not a joke, legacy blue ticks are going away from Twitter on April 1

Snap AR's Joe Darko Interviewed: 8 questions answered

UPI LITE is not an alternative, but an add-on to UPI: Paytm executive

Nokia C12 Pro Launched In India With Price Starting At Rs 6999 - Watch Video

Google Begins Public Release Of Bard, Its ChatGPT Competitor - Watch Video

Jabra Elite 4 TWS Earbuds Launched With ANC & Bluetooth Multipoint Features - Watch Video

Related Topics

Latest Videos

Nvidia Launches AI Supercomputer Cloud Service and partnerships to train generative AI

Tech Updates/ launch

Nvidia Launches AI Supercomputer Cloud Service and partnerships to train generative AI
Instagram's new feature began displaying ads in search results

Tech Updates/ launch

Instagram's new feature began displaying ads in search results
Google ramps up AI technology into its healthcare offerings

Tech Updates/ launch

Google ramps up AI technology into its healthcare offerings
Nothing OS 1.5.3 starts rolling out for Phone (1)

Tech Updates/ launch

Nothing OS 1.5.3 starts rolling out for Phone (1)