Project Zero, Google's security team, has identified some major issues with Samsung's modems that power devices like the Pixel 6, Pixel 7, and some models of the Galaxy S22 and A53.
According with a post on her blog, several different Exynos modems have security holes that could "allow an attacker to remotely compromise a phone at the root level without requiring any user interaction." All it takes is the victim's phone number. And apparently Samsung is taking too long to patch the security hole.
The team also warns that savvy hackers could exploit the issue, and says that the March security update for Pixels will fix the problem — though the update isn't yet available for the Pixel 6, 6 Pro, and 6a. The researchers report that the following devices are at risk:
Mobile devices from Samsung, Galaxy S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
Mobile devices from Vivo, S16, S15, S6, X70, X60 and X30 series
any other mobile device using the Exynos W920 chipset and any vehicles using the Exynos Auto T5123 chipset.
Please note that vulnerable devices must be using one of the affected Samsung modems.
For many S22 owners, this could be a relief as phones sold outside of Europe and some African countries have a Qualcomm processor and use Qualcomm modems. So they must be safe from these particular problems. However, phones with Exynos processors, such as the popular A53 and the European S22, are vulnerable.
