1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Some Samsung Exynos phone chips have a worrying security flaw

    From TechnologyDaily@1337:1/100 to All on Thursday, October 24, 2024 17:30:05
    Some Samsung Exynos phone chips have a worrying security flaw

    Date:
    Thu, 24 Oct 2024 16:04:00 +0000

    Description:
    Google warns nation-states could be exploiting vulnerabilities in Samsung smartphones.

    FULL STORY ======================================================================

    Some Samsung smartphones were reportedly carrying a high severity vulnerability in their processors, allowing threat actors to escalate privileges and possibly drop malware on the devices.

    Cybersecurity researchers from Googles Threat Analysis Group (TAG) found the flaw and reported it to Samsung, which addressed the vulnerability on October 7, with a patch and a follow-up security advisory.

    In the advisory , the flaw was described as an use-after-free vulnerability, tracked as CVE-2024-44068, with a severity score of 8.1 (high-severity),
    found in Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920. Vulnerability chain

    Samsung phones that are powered by these chips include parts of the S10 series, Note 10 and 10+, the S20 series, as well as Samsung Galaxy A51 5G and Samsung Galaxy A71 5G. The Exynos W920 is primarily used in wearable devices like Samsung's Galaxy Watch series.

    TAGs researchers suggested that the vulnerability is being exploited in the wild, as part of a larger chain that makes use of other bugs, as well.

    "This 0-day exploit is part of an EoP chain," TAG said in its technical write-up. "The actor is able to execute arbitrary code in a privileged cameraserver process. The exploit also renamed the process name itself to 'vendor.samsung.hardware.camera.provider@3.0-service,' probably for anti-forensic purposes." There was no mention of other vulnerabilities exploited as part of the chain.

    Googles researchers did not discuss the identity of the miscreants abusing this flaw. However, its worth mentioning TAG usually tracks nation-states and state-sponsored threat actors, so it is safe to assume that this bug was abused by a similar team, too.

    Nation-states usually engage in cyber-espionage and identity theft, so it is possible that whoever abused this flaw, tried to drop an infostealer , or a tracker, onto a Samsung device. More from TechRadar Pro Samsung is offering
    up to $1 million to anyone who can find security flaws in its software Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/some-samsung-exynos-phone-chips-have-a- worrying-security-flaw


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)