Google has sent out a warning to all users who have a device running one of Samsung’s Exynos Modems. According to the Google Project Zero security team, there are 18 zero-day problems currently found in certain models that cover numerous smartphones.
The security team says four of the 18 vulnerabilities are rated as severe:
“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.”
If you are unfamiliar with Google Project Zero, it is a security team that hunts for security holes in popular software solutions. When a vulnerability is found, Google gives developers 90 days to issue a fix. If no action is taken, Project Zero publicly discloses the flaw.
Affected Devices
Samsung’s own smartphones naturally make up the bulk of devices affected by the issues. However, there are also devices from other manufacturers that license Exynos chips:
- “Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series;
- Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
- The Pixel 6 and Pixel 7 series of devices from Google; and
- any vehicles that use the Exynos Auto T5123 chipset.”
So, Google’s own devices are also affected. Although, the company has already fixed one issue on Pixel during this month’s March 2023 security patches. As for owners of other devices, Project Zero says users can workaround the issues by turning over Wi-Fi and Voice-over-LTE (VoLTE).
Tip of the day: Having problems with pop-ups and unwanted programs in Windows? Try the hidden adware blocker of Windows Defender. We show you how to turn it on in just a few steps.
