Security News > 2025 > January > Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
2025-01-10 15:39
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey's Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. "Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote
News URL
https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html
Related news
- Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool (source)
- Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions (source)
- Hackers Exploit Google Tag Manager to Deploy Credit Card Skimmers on Magento Stores (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-03 | CVE-2024-49415 | Out-of-bounds Write vulnerability in Samsung Android 12.0/13.0 Out-of-bound write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code. | 9.8 |