Security News > 2021 > June > Hackers can exploit bugs in Samsung pre-installed apps to spy on users
Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system.
The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company's bug bounty program.
Since the beginning of the year, Sergey Toshin - the founder of Oversecured company specialized in mobile app security, found more than a dozen vulnerabilities affecting Samsung devices.
The hacker discovered the bugs in pre-installed apps on Samsung devices using the Oversecured scanner that he created specifically to help with the task.
Toshin received another hefty bounty for sharing details with Samsung about an issue in the Settings app that allowed gaining read/write access to arbitrary files with privileges of a system user.
Samsung patched most of these flaws in May. However, Toshin told BleepingComputer that Samsung also patched another set of seven bugs that he disclosed through the company's bug bounty program.
News URL
Related news
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens (source)
- Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices (source)
- Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)