Technology

Samsung will patch the last dangerous Exynos modem vulnerability in April

By Nick Heyman

Earlier this month we told you about a zero-day vulnerability which means that a flaw was previously unknown to the software vendor and has been unpatched. The vulnerability affected the Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5123. Armed with nothing but the targeted device’s phone number, attackers can access the device.
We know that Pixel 6 and Pixel 7 models were affected, but the flaw has been patched on these phones with the March security update which has now been released for the Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7 and the Pixel 7 Pro. Other phones affected include Exynos-powered phones in the Samsung Galaxy S22 line. These models were sold in the U.K. and Europe. Other Samsung phones with the flaw include models in the mid-range Galaxy A and Galaxy M lines:

  • Galaxy A71
  • Galaxy A53
  • Galaxy A33
  • Galaxy A21s
  • Galaxy A13
  • Galaxy A12
  • Galaxy A04 series
  • Galaxy M33
  • Galaxy M13
  • Galaxy M12
  • Galaxy Watch 5 series
  • Galaxy Watch 4 series

Also affected are a few Vivo models such as the S16, S15, S6, X70, X60, and X30 series.

A Samsung community manager posted on the Samsung U.S. community site and said that five out of the six vulnerabilities found in the aforementioned Exynos modems were patched in March and the remaining flaw will be patched next month. Interestingly, Samsung initially came to the conclusion that the flaws were not severe.

A Samsung community manager says that the flaw will be completely patched next month - Samsung will patch the last dangerous Exynos modem vulnerability in April

A Samsung community manager says that the flaw will be completely patched next month

The community manager wrote last week, “Hello, We understand the concern of vulnerabilities. Samsung takes the safety of our customers very seriously. After determining 6 vulnerabilities may potentially impact select Galaxy devices, of which none were ‘severe’, Samsung released security patches for 5 of these in March. Another security patch will be released in April to address the remaining vulnerability. As always, we recommend that all users keep their devices updated with the latest software to ensure the highest level of protection possible.”

Until the last vulnerability is patched in April, the Samsung and possibly the Vivo handsets listed above are at risk of being compromised at the baseband level. Thus, Google’s Project Zero research team recommends that users of phones still vulnerable should disable Wi-Fi calling and Voice-over-LTE (VoLTE).

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.

Nick Heyman