- Home
- About Us
- IT Services
- Understanding IT
- Understanding Ransomware
- Understanding Shadow IT
- Understanding Your Virtual Identity
- Understanding the Modern Office
- IT Threat Glossary
- Understanding Business Continuity
- Understanding Windows 10
- Introducing Windows 10
- Windows Server 2003: End of Life
- Understanding the Internet of Things
- Understanding Network Security
- Understanding SOX
- Understanding BYOD
- Understanding PCI DSS
- Windows XP End of Life
- Understanding HIPAA
- Cloud Computing
- Windows 2008 Server EOL
- News & Events
- Blog
- Support
- Contact Us
- Home
- About Us
-
IT Services
-
Understanding IT
- Understanding Ransomware
- Understanding Shadow IT
- Understanding Your Virtual Identity
- Understanding the Modern Office
- IT Threat Glossary
- Understanding Business Continuity
- Understanding Windows 10
- Introducing Windows 10
- Windows Server 2003: End of Life
- Understanding the Internet of Things
- Understanding Network Security
- Understanding SOX
- Understanding BYOD
- Understanding PCI DSS
- Windows XP End of Life
- Understanding HIPAA
- Cloud Computing
- Windows 2008 Server EOL
- News & Events
- Blog
- Support
- Contact Us
SCW Blog
ALERT: Zero-Day Threats Found on Devices Using Samsung Chipsets
Zero-day vulnerabilities are never fun, but this is especially the case with popular devices, like the many that use the Samsung Exynos modem. Google’s Project Zero has discovered 18 such vulnerabilities in these chips, four of which allow for remote code execution. Why should you be concerned about these vulnerabilities and what can you do to minimize your risk?
Look, You Should Be Worried
We aren’t trying to scare you, but we cannot understate the danger presented by these threats. Some of these vulnerabilities are so tricky that they can be carried out with only your phone number, providing hackers access to the device without you as the victim providing them access. In short, you could be compromised without even knowing it, and that’s reason enough to educate yourself on this topic.
Here is Samsung’s list of impacted devices:
- Samsung mobile devices, including those in the Galaxy S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
- Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series
- Google’s Pixel 6 and Pixel 7 series
It’s also worth noting that any of Samsung’s wearables using the Exynos W920 chipset and vehicles with the Exynos Auto T5123 chipset are affected, too. Suffice to say that the list of impacted devices extends far beyond what is listed above.
No Patches Exist Yet, But You Can Protect Yourself
The issue is quite widespread, impacting multiple kinds of devices, vendors, and manufacturers, so it will be some time before all affected devices can be patched. In the meantime, you can take measures to protect yourself by disabling features such as Wi-Fi calling and Voice-over-LTE. Furthermore, keep your device up-to-date with patches, both before and after the fix is issued.
If you use a common smartphone like the more recent Google Pixel phones and Samsung Galaxy line of devices, these updates have already been issued with the March security patch. Be sure to apply these updates as soon as possible. If you fail to do so, you’re leaving your devices wide open.
We’ll Help You Navigate This Situation
If you want to stay on top of these updates, SCW can help. To learn more, reach out to us today at (509) 534-1530.
About the author
Sam is a network engineer with a broad range of experience spanning more than 35 years. He wrote is first piece of code in 1979 and has been involved with the industry ever since. For the last 20 years, he has worked for SCW Consulting where he has embraced his passion for network technology and security.
Mobile? Grab this Article!
Tag Cloud
Comments