Some Samsung Exynos phone chips have a worrying security flaw

Some Samsung smartphones were reportedly carrying a high severity vulnerability in their processors, allowing threat actors to escalate privileges and possibly drop malware on the devices.

Cybersecurity researchers from Google’s Threat Analysis Group (TAG) found the flaw and reported it to Samsung, which addressed the vulnerability on October 7, with a patch and a follow-up security advisory.

In the advisory, the flaw was described as an use-after-free vulnerability, tracked as CVE-2024-44068, with a severity score of 8.1 (high-severity), found in Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920.

Vulnerability chain

Samsung phones that are powered by these chips include parts of the S10 series, Note 10 and 10+, the S20 series, as well as Samsung Galaxy A51 5G and Samsung Galaxy A71 5G. The Exynos W920 is primarily used in wearable devices like Samsung’s Galaxy Watch series.

TAG’s researchers suggested that the vulnerability is being exploited in the wild, as part of a larger chain that makes use of other bugs, as well.

“This 0-day exploit is part of an EoP chain,” TAG said in its technical write-up. “The actor is able to execute arbitrary code in a privileged cameraserver process. The exploit also renamed the process name itself to ‘vendor.samsung.hardware.camera.provider@3.0-service,’ probably for anti-forensic purposes.” There was no mention of other vulnerabilities exploited as part of the chain.

Google’s researchers did not discuss the identity of the miscreants abusing this flaw. However, it’s worth mentioning TAG usually tracks nation-states and state-sponsored threat actors, so it is safe to assume that this bug was abused by a similar team, too.

Nation-states usually engage in cyber-espionage and identity theft, so it is possible that whoever abused this flaw, tried to drop an infostealer, or a tracker, onto a Samsung device.

Samsung is offering up to $1 million to anyone who can find security flaws in its softwareHere’s a list of the best firewalls todayThese are the best endpoint protection tools right now

Related posts

How to set a printer as default

Microsoft wants to make it simpler to build AI apps with its new developer tool

7 new movies and TV shows to stream on Netflix, Prime Video, Max, and more this weekend (November 1)

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More