Two security flaws have been disclosed in Samsung’s Galaxy Shop application for Android that could be exploited by a nearby attacker to stealthily put in arbitrary applications or direct future victims to fraudulent landing web pages on the web.
The issues, tracked as CVE-2023-21433 and CVE-2023-21434, were being discovered by NCC Group and notified to the South Korean chaebol in November and December 2022. Samsung classified the bugs as reasonable risk and released fixes in model 126.96.36.199 shipped previously this month.
Samsung Galaxy Retail outlet, earlier acknowledged as Samsung Applications and Galaxy Applications, is a focused app retail outlet utilized for Android units manufactured by Samsung. It was launched in September 2009.
The initial of the two vulnerabilities is CVE-2023-21433, which could help an now mounted rogue Android application on a Samsung system to put in any application available on the Galaxy Store.
Samsung described it as a scenario of poor access regulate that it said has been patched with right permissions to prevent unauthorized access.
It truly is well worth noting below that the shortcoming only impacts Samsung gadgets that are running Android 12 and ahead of, and does not have an effect on individuals that are on the most up-to-date model (Android 13).
The second vulnerability, CVE-2023-21434, relates to an instance of incorrect enter validation occurring when limiting the list of domains that could be released as a WebView from inside the app, properly enabling a menace actor to bypass the filter and browse to a domain beneath their command.
“Either tapping a malicious hyperlink in Google Chrome or a pre-installed rogue software on a Samsung gadget can bypass Samsung’s URL filter and launch a webview to an attacker controlled area,” NCC Group researcher Ken Gannon mentioned.
The update arrives as Samsung rolled out security updates for the month of January 2023 to remediate numerous flaws, some of which could be exploited to modify provider network parameters, regulate BLE advertising and marketing without the need of permission, and accomplish arbitrary code execution.
Identified this posting exciting? Comply with us on Twitter and LinkedIn to read much more special content material we submit.
Some components of this post are sourced from: