Some Samsung Exynos phone chips have a worrying security flaw

2 weeks ago

(Image credit: Shutterstock / Poetra.RH)

Some Samsung smartphones were reportedly carrying a precocious severity vulnerability successful their processors, allowing threat actors to escalate privileges and perchance driblet malware connected nan devices.

Cybersecurity researchers from Google’s Threat Analysis Group (TAG) recovered nan flaw and reported it to Samsung, which addressed nan vulnerability connected October 7, pinch a spot and a follow-up information advisory.

In nan advisory, nan flaw was described arsenic an use-after-free vulnerability, tracked arsenic CVE-2024-44068, pinch a severity people of 8.1 (high-severity), recovered successful Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920.

Vulnerability chain

Samsung phones that are powered by these chips see parts of nan S10 series, Note 10 and 10+, nan S20 series, arsenic good arsenic Samsung Galaxy A51 5G and Samsung Galaxy A71 5G. The Exynos W920 is chiefly utilized successful wearable devices for illustration Samsung's Galaxy Watch series.

TAG’s researchers suggested that nan vulnerability is being exploited successful nan wild, arsenic portion of a larger concatenation that makes usage of different bugs, arsenic well.

"This 0-day utilization is portion of an EoP chain," TAG said successful its method write-up. "The character is capable to execute arbitrary codification successful a privileged cameraserver process. The utilization besides renamed nan process sanction itself to 'vendor.samsung.hardware.camera.provider@3.0-service,' astir apt for anti-forensic purposes." There was nary mention of different vulnerabilities exploited arsenic portion of nan chain.

Google’s researchers did not talk nan personality of nan miscreants abusing this flaw. However, it’s worthy mentioning TAG usually tracks nation-states and state-sponsored threat actors, truthful it is safe to presume that this bug was abused by a akin team, too.

Sign up to nan TechRadar Pro newsletter to get each nan apical news, opinion, features and guidance your business needs to succeed!

Nation-states usually prosecute successful cyber-espionage and personality theft, truthful it is imaginable that whoever abused this flaw, tried to driblet an infostealer, aliases a tracker, onto a Samsung device.

More from TechRadar Pro

Samsung is offering up to $1 cardinal to anyone who tin find information flaws successful its software
Here's a database of nan best firewalls today
These are nan best endpoint protection tools correct now

Sead is simply a seasoned freelance journalist based successful Sarajevo, Bosnia and Herzegovina. He writes astir IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, information breaches, laws and regulations). In his career, spanning much than a decade, he’s written for galore media outlets, including Al Jazeera Balkans. He’s besides held respective modules connected contented penning for Represent Communications.

Source Technology