Security shock for millions of Samsung Galaxy (Android 9-12) users

Although these days I use an iPhone as my primary smartphone, I still have my Samsung Galaxy Note 10+ 5G as a backup device. If you own a Samsung smartphone running any Android version from 9 to 12, I have some good news and some bad news for you. Serious, and seriously shocking, security news at that.

This week, researchers at Kryptowire published a report detailing a very dangerous vulnerability they discovered in a pre-installed Phone app across multiple models, one that could enable a hacker to take control of your phone. What kind of control? Well, the researchers said, everything from factory resetting the device and making calls to installing or deleting apps. All of this can be done by an unauthorized user if the victim has installed any third-party app that has been modified to “mimic system-wide activity and hijack critical protected functions,” Kryptowire reports.


Bad news for Samsung smartphone users in more detail

Alex Lisle, chief technical officer of Kryptowire, asked the question, “Have you ever thought that someone else had access to your phone?” His answer is unwelcome news: “Unfortunately, you may be right.” The highly dangerous vulnerability discovered by Kryptowire researchers, CVE-2022-22292, is every bit as shocking as Lisle made it sound.

The pre-installed Phone app found on Samsung smartphones contains an insecure component that essentially grants apps without system-level privileges the ability to perform privileged operations anyway, without the user’s permission.

In the full technical report on this horrific security bug in Samsung devices, the researchers say that devices running any version of Android between 9 and 12 are affected. There were some differences in how versions 10 to 12 were exploited compared to version 9, but the result was the same: a smartphone compromised without the user knowing it.

Although the full extent to which Samsung smartphones are vulnerable to this attack methodology is still unknown, the researchers were able to demonstrate an exploit on, for example, a Samsung Galaxy S21 Ultra 5G running the latest version of Android 12. A Samsung Galaxy S10+ and a Samsung Galaxy A10e were also used during testing. However, a Samsung Galaxy S8 running Android 8 was found not to be vulnerable. The bad news, then, is that if you have any Samsung smartphone running Android 9 or later, this vulnerability is likely present.

I have contacted Samsung for an official statement but at the time of publication I have yet to receive a response.


Now here’s the good news

It’s not all bad news: full details of CVE-2022-22292 were revealed to Samsung on November 27, 2021, and a patch was made available as part of the February 2022 security maintenance release program.

Assuming your device has been updated to show the February 2022 security patch level or later, you are protected. However, not everyone will update their device, or be able to. Mea culpa: my Galaxy Note 10+ was lagging in this regard, as I haven’t used it in a couple of months. So, please make sure your devices are up to date. You can check this by heading to your smartphone’s Settings menu and selecting About phone | Software information, then scrolling down to Android security patch level.
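For anyone checking more than one handset, the same test can be automated. The script below is an added example, not code from the article or from Kryptowire: it applies the article’s two facts (Android 9 to 12 affected, fixed at the February 2022 patch level) to the Android version and security patch level a device reports, and it assumes `adb` is installed and a device is connected when run with `--device`.

```shell
#!/bin/sh
# Added example (not from the article or from Kryptowire): classify a device's
# exposure to CVE-2022-22292 from its Android major version and its security
# patch level (YYYY-MM-DD), using only what the report states: Android 9-12 is
# affected and the February 2022 security maintenance release carries the fix.
#
# Return codes: 0 = patched or not affected, 1 = exposed,
#               2 = cannot determine (bad input, or version outside the report's range)
cve_2022_22292_status() {
    android="$1"
    patch="$2"
    case "$android" in
        ''|*[!0-9]*) return 2 ;;            # version must be a bare integer
    esac
    case "$patch" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;                      # patch level must be YYYY-MM-DD
    esac
    # Android 8 (Galaxy S8) was found not vulnerable; versions newer than 12
    # are outside what the report tested, so we refuse to guess for them.
    if [ "$android" -lt 9 ]; then return 0; fi
    if [ "$android" -gt 12 ]; then return 2; fi
    # Turn 2022-02-01 into 20220201 so a numeric compare is a date compare.
    yyyymmdd=$(printf '%s' "$patch" | tr -d '-')
    if [ "$yyyymmdd" -ge 20220201 ]; then
        return 0
    fi
    return 1
}

# Optional: query the connected device over adb (assumed installed).
if [ "${1:-}" = "--device" ]; then
    ver=$(adb shell getprop ro.build.version.release | tr -d '\r')
    patch=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
    rc=0
    cve_2022_22292_status "${ver%%.*}" "$patch" || rc=$?
    case "$rc" in
        0) echo "OK: patched or not affected (Android $ver, patch $patch)" ;;
        1) echo "EXPOSED: install the February 2022 patch level or later (Android $ver, patch $patch)" ;;
        *) echo "Cannot determine (Android $ver, patch $patch)" ;;
    esac
fi
```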
