Serious security holes exist on many Android phone models

PV DNUM_CHZADZCACD 18:44

A series of Android smartphones have been discovered to have serious security holes, allowing hackers to easily penetrate the device.

Google's Project Zero security research team has discovered a series of serious security flaws in the Exynos modem developed by Samsung. Notably, this modem is currently used in many smartphone models and smart wearables from Samsung, Google and Vivo.


According to Project Zero, a total of 18 security vulnerabilities have been discovered in the Exynos modem developed and manufactured by Samsung, 4 of which are extremely serious security flaws that allow hackers to execute malicious code remotely via an Internet connection. Just knowing the user's phone number, hackers can easily penetrate their smartphones through these security vulnerabilities without having to directly interact with the victim's device.

Although the remaining 14 security vulnerabilities are not as serious, Project Zero still emphasizes that these security flaws are not too difficult to exploit for professional hackers and are currently being used by hackers to attack users.

Project Zero reported these security vulnerabilities to Samsung in late 2022, but to date, more than 90 days have passed, the Korean manufacturer has not released any patches. This shows that Samsung seems to be having a lot of difficulty in patching the discovered security vulnerabilities.

Samsung products currently identified to have security vulnerabilities include: the Galaxy S22 series using Exynos chips; the Galaxy M12, M13, M33 series; the Galaxy A12, A13, A21, A33, A53 and A71 series; the low-cost smartphone version Galaxy A04 and the Galaxy Watch 4/Watch5 smartwatch duo with LTE network support.

Among them, Vivo products identified to have security vulnerabilities include: S6, S15, S16, X30, X60 and X70.

Google's Pixel 6 and 7 smartphones are also among the products affected by serious security flaws.

In addition, smart wearable devices using the Exynos W920 chip and car models equipped with Samsung's Exynos Auto T5123 chip also have unpatched security flaws.

Google said it will release a patch for its smartphone models in March. Meanwhile, Samsung and Vivo have not commented on Project Zero's announcement.

Note that the products using Exynos modems mentioned by Project Zero have serious security flaws. Security experts at Project Zero recommend that, while waiting for the patch to be released, those using smartphones with security flaws should temporarily disable Wi-Fi calling and 4G LTE calling. Although this may affect call quality, it will help users protect their devices from hackers and remote intrusion.

PV