Google has found up to 18 bugs in Exynos chips, which are made by Samsung and are used in modems in smartphones, watches and cars. 4 of these errors are very serious. They allow Remote control of the device user without the need for any action on his part.
You don’t need to click anything, you just need the attacker to know the victim’s phone number.
Below you will find a list of vulnerable devices. If you find your smartphone on it, then Immediately turn off Wi-Fi and VoLTE calling. Until now, this is the only option to protect yourself from the attack, because most of the vulnerable devices still don’t have an update that patches this hole.
What models can be hacked?
Those using Exynos modems. Incomplete list below
- smart phones samsung: S22, M33, M13, M12, A71 (5G), A53, A33, A21, A13, A12, A04
- smart phones Vivo: S16, S15, S6, X70, X60, X30
- All wearable devices they use Exynos W920
- Car use Exynos Auto T5123.
Google Smartphones: The Pixel 6 and Pixel 7, which also use vulnerable Exynos, have already been patched in the March update.
But it’s not like Google patched their devices and Samsung “tidy up”. The company reported bugs to Samsung a few months back, and Samsung reportedly prepared patches, but to this day not all smartphone distributors have released patches. So, since 90 days have passed since the notice, Google has decided, in accordance with its policy, to make the information about the holes public.
I have a leaked Exynos smartphone – what do I do, how do I live?
Until an update is available for your device
Wi-Fi calling and VoLTE must be turned off
Unfortunately, on smartphones / different versions of Android, disabling these functions looks somewhat different, so you will not find a single instruction in this article.
better seek These options are in your smartphone settings. And if you find the key, write in the comments below your smartphone model and step-by-step instructions on how to access this setting. This will help other readers.
The rest of the insects are less terrible, but …
Only 4 bugs allow for egregious zero-click remote RCE attacks. others 14 errors This is less dangerous, because to successfully control the victim’s smartphone, local access to the device or at the level of a mobile operator is required. This means that ordinary internet attackers are unlikely to exploit these bugs. What about government hackers…
Given the severity of these bugs and the number of people using vulnerable devices, we decided to send out a warning about the need to disable Wi-Fi and VoLTE calling to our CyberAlerts subscribers. If you want to be aware of critical threats and you haven’t installed our app yet, click here.
Also read:
“Prone to fits of apathy. Introvert. Award-winning internet evangelist. Extreme beer expert.”
