Google Found 18 Vulnerabilities in Samsung’s Modems That Could Get Your Phones Hacked

The Exynos modems show vulnerabilities.

Google's team Project zero has found issues in Samsung modems that could potentially get mobile phones hacked, as reported by TheVerge.

Samsung Logo
A lighted logo of Samsung is pictured at the Mobile World Congress (MWC), the telecom industry's biggest annual gathering, in Barcelona on March 1, 2023. by JOSEP LAGO/AFP via Getty Images

Samsung Modems

The Samsung modems power devices, such as the Pixel 7, Pixel 7, and some of the Galaxy S22 and A53.

Based on its blog post, various Exynos modems have vulnerabilities that could allow a hacker to compromise a mobile phone at the baseband level with no user interaction remotely. It will also not require the victim's phone number.

Experienced hackers could also exploit the issue. A report by 9to5Google states that the Pixels' March security update should have already fixed the problem, but the update isn't available for the Pixel 6, 6 Pro, and 6a just yet.

For the devices to be vulnerable, they should use one of the affected Samsung modems, which exempts many S22 owners because the phones sold outside of Europe and some African countries have a Qualcomm processor with a Qualcomm modem.

On the other hand, phones with Exynos processors, such as an A53 and European S22, might be vulnerable.

Also Read: Google's Project Zero Team Says Google, Samsung, Xiaomi, Oppo did Not Deploy Security Patches for Mali GPUs Security Flaw

What Project Zero Found

Project Zero found 18 vulnerabilities in the modems, four of which are bad. Google will not be sharing any additional information on the vulnerabilities right now.

Aside from the four bad ones, the others are minor that require either a malicious mobile network operator or an attacker with local access to the device. The four bad vulnerabilities are more serious and are related to the baseband processor, which could allow a remote attacker to execute arbitrary code on the device. This could lead to a variety of attacks, including the ability to access a user's data, eavesdrop on their conversations, track their location, and more.

In addition, users should be aware of any suspicious activity on their phones, such as unexpected messages or calls from unknown numbers. If anything seems out of the ordinary, it's best not to answer or respond until you can verify who is calling/messaging you first. Additionally, if possible, avoid connecting your device over public Wi-Fi networks where attackers may be able to intercept data more easily than when connected via cellular connection alone.

It is also recommended to enable two-factor authentication (2FA) on any accounts associated with a modem where possible in order to add an extra layer of protection against potential attackers gaining access through one vulnerability or another. Furthermore, avoid connecting over public Wi-Fi networks whenever possible, as they can be more easily intercepted than cellular connections alone.

Lastly, always remain vigilant and report any suspicious activity you may observe on your phone, such as unexpected messages/calls from unknown numbers, right away so that appropriate action can be taken before anything serious happens due to a vulnerable modem connection issue.

Related Article: Google Obtains Partial Exploit Chain for Samsung Devices, Targeted by Commercial Surveillance Vendor

April Fowell
April Fowell
ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics