Now Reading
Exynos chip vulnerability puts Samsung, Pixel, and Vivo phones at risk, warns Google

Exynos chip vulnerability puts Samsung, Pixel, and Vivo phones at risk, warns Google

In recent news, Google’s Project Zero security research team has identified a total of 18 security issues that are associated with Samsung’s Exynos chipsets. These chipsets are utilized in various devices, including smartphones, wearables, and cars. Of the 18 identified vulnerabilities, four were classified as critical. These critical vulnerabilities could allow hackers to remotely exploit the devices, solely with the use of the user’s phone number.

According to Tim Willis, the head of Project Zero, the four critical vulnerabilities enable hackers to remotely compromise a phone at the baseband level without any user interaction. This level of compromise would allow attackers to conduct a wide range of malicious activities, including eavesdropping on phone calls and accessing sensitive user data. Willis has also stated that skilled attackers could potentially develop an operational exploit to compromise affected devices silently and remotely, with limited additional research and development.

The remaining 14 vulnerabilities were not considered as severe since they would require either a malicious mobile network operator or an attacker with local access to the device. However, these vulnerabilities could still pose a significant threat to affected users if exploited by a skilled attacker.

Devices that may be affected by these vulnerabilities include Samsung’s S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12, and A04 series phones, Chinese brand Vivo’s S16, S15, S6, X70, X60, and X30 series phones, Google’s Pixel 6 and Pixel 7 series phones, as well as any vehicles that use the Exynos Auto T5123 chipset.

See Also
Huawei Mate X6 Redefines Foldable Technology: Durability Meets Innovation

Under Project Zero’s standard disclosure policy, security vulnerabilities are disclosed to the public after a set period of time following the reporting of such vulnerabilities to the respective software or hardware vendor.

© 2021 The Technology Express. All Rights Reserved.

Scroll To Top