ALERT: Zero-Day Threats Found on Devices Using Samsung Chipsets

Zero-day vulnerabilities are never fun, but this is especially the case with popular devices, like the many that use the Samsung Exynos modem. Google’s Project Zero has discovered 18 such vulnerabilities in these chips, four of which allow for remote code execution. Why should you be concerned about these vulnerabilities and what can you do to minimize your risk?

Look, You Should Be Worried

We aren’t trying to scare you, but we cannot understate the danger presented by these threats. Some of these vulnerabilities are so tricky that they can be carried out with only your phone number, providing hackers access to the device without you as the victim providing them access. In short, you could be compromised without even knowing it, and that’s reason enough to educate yourself on this topic.

Here is Samsung’s list of impacted devices:

  • Samsung mobile devices, including those in the Galaxy S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
  • Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series
  • Google’s Pixel 6 and Pixel 7 series

It’s also worth noting that any of Samsung’s wearables using the Exynos W920 chipset and vehicles with the Exynos Auto T5123 chipset are affected, too. Suffice to say that the list of impacted devices extends far beyond what is listed above.

No Patches Exist Yet, But You Can Protect Yourself

The issue is quite widespread, impacting multiple kinds of devices, vendors, and manufacturers, so it will be some time before all affected devices can be patched. In the meantime, you can take measures to protect yourself by disabling features such as Wi-Fi calling and Voice-over-LTE. Furthermore, keep your device up-to-date with patches, both before and after the fix is issued.

If you use a common smartphone like the more recent Google Pixel phones and Samsung Galaxy line of devices, these updates have already been issued with the March security patch. Be sure to apply these updates as soon as possible. If you fail to do so, you’re leaving your devices wide open.

We’ll Help You Navigate This Situation

If you want to stay on top of these updates, Lantek can help. To learn more, reach out to us today at (610) 683-6883.

April 3, 2023
Shawn Kramer