Security News > 2021 > June > Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices.
"The impact of these bugs could have allowed an attacker to access and edit the victim's contacts, calls, SMS/MMS, install arbitrary apps with device administrator rights, or read and write arbitrary files on behalf of a system user which could change the device's settings," Sergey Toshin, founder of mobile security startup Oversecured, said in an analysis published Thursday.
CVE-2021-25388 - Arbitrary app installation vulnerability in Knox Core.
CVE-2021-25392 - Possible to access notification policy file of DeX. CVE-2021-25393 - Possible to read/write access to arbitrary files as a system user.
CVE-2021-25397 - Arbitrary file write in TelephonyUI. The impact of these flaws means they could be exploited to install arbitrary third-party apps, grant the device admin privileges to delete other installed applications or steal sensitive files, read or write arbitrary files as a system user, and even execute privileged actions.
Samsung device owners are recommended to apply the latest firmware updates from the company to avoid any potential security risks.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/vLv1d8FYQKQ/hackers-can-exploit-samsung-pre.html
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- North Korean Hackers Exploit PowerShell Trick to Hijack Devices in New Cyberattack (source)
- Hackers exploit authentication bypass in Palo Alto Networks PAN-OS (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes (source)
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-11 | CVE-2021-25397 | Unspecified vulnerability in Google Android 10.0/11.0/9.0 An improper access control vulnerability in TelephonyUI prior to SMR MAY-2021 Release 1 allows local attackers to write arbitrary files of telephony process via untrusted applications. | 5.5 |
2021-06-11 | CVE-2021-25393 | Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0 Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data. | 5.5 |
2021-06-11 | CVE-2021-25392 | Inadequate Encryption Strength vulnerability in Google Android 10.0/11.0/9.0 Improper protection of backup path configuration in Samsung Dex prior to SMR MAY-2021 Release 1 allows local attackers to get sensitive information via changing the path. | 5.5 |
2021-06-11 | CVE-2021-25388 | Improper Validation of Integrity Check Value vulnerability in Google Android 11.0 Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app. | 7.1 |