• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
google uncovers 18 severe security vulnerabilities in samsung exynos chips

Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips

You are here: Home / General Cyber Security News / Google Uncovers 18 Severe Security Vulnerabilities in Samsung Exynos Chips
March 17, 2023

Google is calling interest to a established of critical security flaws in Samsung’s Exynos chips, some of which could be exploited remotely to wholly compromise a phone devoid of demanding any consumer conversation.

The 18 zero-working day vulnerabilities have an affect on a wide assortment of Android smartphones from Samsung, Vivo, Google, wearables applying the Exynos W920 chipset, and motor vehicles equipped with the Exynos Automobile T5123 chipset.

4 of the 18 flaws make it probable for a threat actor to attain internet-to-baseband remote code execution, Google Challenge Zero, which documented the issues in late 2022 and early 2023, reported.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“[The] four vulnerabilities allow for an attacker to remotely compromise a phone at the baseband stage with no consumer interaction, and call for only that the attacker know the victim’s phone amount,” Tim Willis, head of Google Challenge Zero, explained.

In undertaking so, a danger actor could gain entrenched obtain to mobile details passing in and out of the specific system. More facts about the bugs have been withheld.

The attacks may well sound prohibitive to execute, but, to the opposite, they are well within just achieve of skilled attackers, who can swiftly devise an operational exploit to breach afflicted devices “silently and remotely.”

The remaining 14 flaws are mentioned to be not as serious, as it necessitates a rogue mobile network insider or an attacker with nearby accessibility to the unit.

WEBINARDiscover the Hidden Dangers of 3rd-Party SaaS Apps

Are you aware of the risks connected with 3rd-party app entry to your company’s SaaS apps? Join our webinar to learn about the sorts of permissions becoming granted and how to limit risk.

RESERVE YOUR SEAT

Although Pixel 6 and 7 handsets have now acquired a repair as portion of March 2023 security updates, patches for other products are predicted to differ relying on the manufacturer’s timeline.

Right up until then, buyers are advised to swap off Wi-Fi calling and Voice over LTE (VoLTE) in their machine configurations to “take out the exploitation risk of these vulnerabilities.”

Identified this posting exciting? Follow us on Twitter  and LinkedIn to read through much more unique information we post.


Some elements of this report are sourced from:
thehackernews.com

Previous Post: «Cyber Security News US Government IIS Server Breached via Telerik Software Flaw
Next Post: Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials winter vivern apt group targeting indian, lithuanian, slovakian, and vatican»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Free decryptor released for Conti ransomware variant infecting hundreds of organisations
  • Bitwarden to release fix for four-year-old vulnerability
  • THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
  • New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
  • A New Security Category Addresses Web-borne Threats
  • ICO Reprimands Metropolitan Police for Data Snafu
  • Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
  • Russian Military Preparing New Destructive Attacks: Microsoft
  • Podcast transcript: The changing face of cyber warfare
  • Vishing Campaign Targets Social Security Administration

Copyright © TheCyberSecurity.News, All Rights Reserved.