Samsung Android devices at risk. Several serious security flaws were discovered in Samsung's pre-installed apps. These flaws could allow attackers not only to access private data without the owner's knowledge, but also to take full control of the device.
Sergey Toshin, founder of security firm Oversecured, said Thursday:
"The impact of these errors could allow an attacker to gain access to the victim's contacts, calls, SMS/MMS, install arbitrary applications with device administrator privileges, or write arbitrary code on behalf of a system user, which could change the device settings."
Toshin reported the vulnerabilities to Samsung in February 2021, and the company shipped fixes in its April and May monthly security updates.
Here is the list of the seven vulnerabilities:
- CVE-2021-25356 - Authentication bypass
- CVE-2021-25388 - Arbitrary application installation via Knox Core
- CVE-2021-25390 - Intent redirection in PhotoTable
- CVE-2021-25391 - Intent redirection in Secure Folder
- CVE-2021-25392 - Access to the DeX alert policy file
- CVE-2021-25393 - Read/write access to arbitrary files as the system user (affects the Settings application)
- CVE-2021-25397 - Arbitrary file write in TelephonyUI
Security researchers warn that the above vulnerabilities could be used to install arbitrary third-party applications, obtain device administrator rights to uninstall other installed applications or steal sensitive files, read or write arbitrary files as the system user, and even launch privileged activities.
Oversecured published a PoC showing that the PhotoTable and Secure Folder intent redirections can be chained to change an application's permission to access the SD card and to read the contacts stored on the phone.
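Intent redirection is the vulnerability class behind two of the seven bugs. The following Android snippet is an added illustration of that class and its fix, not Samsung's code or Oversecured's PoC: the activity name `ForwardingActivity`, the extra name `extra_next_intent` and the `ALLOWED` list are hypothetical. An exported activity that takes a caller-supplied `Intent` and forwards it unconditionally lets any app on the device reach the forwarding app's non-exported components with that app's identity and permissions; the hardened version resolves the target, restricts it to an allowlist of its own components and strips URI permission grants before forwarding.

```java
import android.app.Activity;
import android.content.ComponentName;
import android.content.Intent;
import android.os.Bundle;
import java.util.Arrays;
import java.util.List;

// Hypothetical exported activity used to illustrate the intent-redirection
// pattern and its mitigation. Not Samsung's code.
public class ForwardingActivity extends Activity {
    // Hypothetical extra through which a caller hands us an Intent to forward.
    static final String EXTRA_NEXT = "extra_next_intent";

    // Allowlist of in-app targets this activity is permitted to forward to.
    static final List<String> ALLOWED = Arrays.asList(
            "com.example.app.ViewerActivity"   // hypothetical component
    );

    // Vulnerable pattern (for contrast only): forwarding the caller's Intent
    // with no check at all. Because startActivity runs with this app's UID,
    // the caller can reach components that are not exported and can ride on
    // any FLAG_GRANT_*_URI_PERMISSION flags attached to the Intent.
    //
    //   Intent next = getIntent().getParcelableExtra(EXTRA_NEXT);
    //   startActivity(next);   // do not do this

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        Intent next = getIntent().getParcelableExtra(EXTRA_NEXT);
        if (next != null && isSafeToForward(next)) {
            startActivity(next);
        }
        finish();
    }

    // Hardened check: only explicit, allowlisted components inside this app,
    // and never with caller-supplied URI permission grants.
    boolean isSafeToForward(Intent next) {
        ComponentName target = next.resolveActivity(getPackageManager());
        if (target == null) {
            return false; // implicit Intent that resolves nowhere, or bad component
        }
        if (!getPackageName().equals(target.getPackageName())) {
            return false; // refuse to act as a relay to other apps
        }
        if (!ALLOWED.contains(target.getClassName())) {
            return false; // refuse non-exported or unexpected in-app components
        }
        // Do not let the caller piggyback on our content-provider access.
        next.removeFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION
                | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
        return true;
    }
}
```

The allowlist is the important part: a package-name check alone is not enough, because the dangerous targets are precisely the non-exported activities of the forwarding app itself. Reviewing exported components for this pattern (a `Parcelable` `Intent` read from extras and passed to `startActivity`, `startService` or `sendBroadcast`) is a quick audit that catches most instances.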
Similarly, using CVE-2021-25397 and CVE-2021-25392, an attacker could overwrite SMS/MMS message files with malicious content and steal data from the user's notifications.
Samsung recommends that you install the latest firmware updates immediately.