A bug is discovered that allows you to remotely access the device via Samsung's chip
On March 16, 2023 (Thursday), Google's
Project Zero: Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
Product Security Update | Support | Samsung Semiconductor Global
Google warns users to take action to protect against remotely exploitable flaws in popular Android phones | TechCrunch
Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets
https://www.bleepingcomputer.com/news/security/google-finds-18-zero-day-vulnerabilities-in-samsung-exynos-chipsets/
"Our security researchers have identified a total of 18 zero-days, including four serious flaws that could remotely compromise a device over a network," said Tim Willis, head of Google's Project Zero.
What happens when you get @natashenka , @ifsecure , @_fel1x , @i41nbeer and @tehjh working collaboratively on a new attack surface for the team?
— Tim Willis (@itswillis) March 16, 2023
This: https://t.co/u6s6p8eNTr
The blogpost also includes actions that users can take to protect themselves while waiting for patches.
Four critical vulnerabilities, including CVE-2023-24033, are said to be Internet-to-baseband remote arbitrary code execution bugs that allow attackers to remotely and covertly compromise devices without user interaction.
"In our tests, these four vulnerabilities allow an attacker to remotely compromise a target device simply by knowing the target phone number," said Willis.
The other 14 vulnerabilities are considered less severe because they require direct access to the target device or unauthorized access to the manufacturer's system.
The affected chipsets announced by Samsung are the Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123, and Exynos W920.
Devices with these chipsets that may be affected include 12 smartphone models in the Galaxy series, such as the Galaxy S22, Galaxy A33 and Galaxy M13, some Vivo products such as the Vivo S16, and Pixel 7 and Pixel 6 devices.
Samsung provides security updates that address the vulnerabilities to manufacturers that ship these chipsets in their devices, and each manufacturer is expected to roll out the updates in turn. Google reportedly applied a security patch on March 13, 2023 for CVE-2023-24033 as it affects Google Pixel devices.
"Until security patches are available, users can disable Wi-Fi and VoLTE to prevent attacks targeting Exynos chipsets," Project Zero said in a report. "As always, users are encouraged to update their devices regularly and apply patches to fix security vulnerabilities," Willis said.
WHOA: own a recent Samsung or Vivo phone? @Google 's Project Zero found serious baseband vulnerabilities.
— John Scott-Railton (@jsrailton) March 16, 2023
While awaiting fixes, disable Wi-Fi calling & VoLTE.
+ do your updates! 1/
By @natashenka @ifsecure @_fel1x @i41nbeer & @tehjh https://t.co/gyc6WpWAf5 pic.twitter.com/IzRexxdL1O
in Security, Posted by log1r_ut