Eric Zeman / Android Authority
Galaxy S22 Extremely vs Pixel 6 Professional
TL;DR
- Google’s Mission Zero has discovered 18 lively vulnerabilities on Samsung’s Exynos modems.
- 4 of these vulnerabilities may give hackers entry to your telephone by merely realizing your telephone quantity.
- Affected gadgets utilizing the unsafe Exynos modems embody the Galaxy S22 sequence, Pixel 6 sequence, and a number of other different telephones.
Replace: March 20, 2023 (1:16 AM ET): Samsung Semiconductor up to date its advisories to take away the Exynos W920 as an affected chipset, so now we have additionally eliminated it from the below-mentioned affected gadgets part. Furthermore, Samsung has clarified to Google that the Galaxy A21s is the right affected machine, not the A21 as initially acknowledged. We’ve additionally fastened that within the listing of the affected gadgets.
Authentic article: March 17, 2023 (12:38 AM ET): Google’s Mission Zero safety analysis group has posted a weblog highlighting lively vulnerabilities in Samsung’s Exynos modems. 4 of the 18 reported safety points with the Samsung chips in query are extreme and will give hackers entry to your telephones with simply the assistance of your telephone quantity.
Safety researchers often don’t disclose vulnerabilities till after they’re resolved. Nonetheless, it appears Samsung has been dragging its ft on the problem. Mission Zero researcher Maddie Stone tweeted (through TechCrunch) that “end-users nonetheless don’t have patches 90 days after the report.”
In accordance with researchers, the next telephones and different gadgets, together with autos, could be compromised if hackers have been to use the at-risk Exynos chips:
- Samsung Galaxy S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 sequence.
- Vivo S16, S15, S6, X70, X60 and X30 sequence.
- The Pixel 6 and Pixel 7 sequence.
- Any autos that use the Exynos Auto T5123 chipset.
Notably, Google has patched the problems in its March safety replace for Pixel 7 sequence. Nonetheless, the replace nonetheless hasn’t reached the Pixel 6, Pixel 6 Professional, and Pixel 6a, which implies these telephones aren’t presently secure from hackers able to exploiting the desired internet-to-baseband distant code execution vulnerability.
“With restricted extra analysis and growth, we imagine that expert attackers would have the ability to rapidly create an operational exploit to compromise affected gadgets silently and remotely,” Mission Zero famous in its report.
How are you going to shield your self?
Whereas we await Samsung and different distributors to resolve the problems affecting the Exynos chips, Google recommends you flip off Wi-Fi calling and Voice-over-LTE (VoLTE) on the affected gadgets. You must also maintain an eye fixed out for any upcoming safety updates and seize them as quickly as attainable.
