Even though these days I use my iPhone as my primary smartphone device, I still own a Samsung Galaxy Note 10+ 5G for backup and burner use. If you own a Samsung smartphone running any Android version from 9 to 12, I have some good and bad news for you. It's serious security news, and seriously shocking at that.
Researchers at Kryptowire this week published a report detailing a critical, high-severity vulnerability they discovered in the Phone app that comes pre-installed on many models, one that could allow attackers to take control of your phone. What kind of control? Everything from a factory reset and making calls to installing or removing apps, the researchers say. All of this can be done by an unauthorized user if the victim has installed a third-party app tailored to "mimic system-level activity and hijack important protected functionality", as Kryptowire reports.
Bad news for Samsung smartphone users in more detail
Kryptowire's director of engineering, Alex Lisle, posed the question, "do you ever think that someone else has access to your phone?" His reply is unwelcome news: "Unfortunately, you may be right." The high-severity vulnerability the Kryptowire researchers discovered, CVE-2022-22292, is just as shocking as Lisle suggests.
The Phone app that comes pre-installed on Samsung smartphones was found to contain an insecure component that essentially gives local apps without system-level privileges the ability to perform privileged operations without the user's permission.
In the full technical report on this shocking Samsung security bug, the researchers say that devices running any Android version between 9 and 12 are affected. The exploit differs somewhat on Android 10 to 12 compared with Android 9, but the result is the same: a compromised smartphone without the user's knowledge.
Although the full extent to which Samsung smartphones are vulnerable to this attack method is unknown, the researchers were able to demonstrate an exploit on, for example, a Samsung Galaxy S21 Ultra 5G running the latest version of Android 12. A Samsung Galaxy S10+ and a Samsung Galaxy A10e were also used during the testing. A Samsung Galaxy S8 running Android 8, however, is not said to be vulnerable. The bad news is that if you have one of the many Samsung smartphones running Android 9 or later, this vulnerability may already be present on it.
I have reached out to Samsung for an official statement but at the time of publication have yet to receive a response.
And now here’s the good news
It's not all bad news: the full details of CVE-2022-22292 were disclosed to Samsung on November 27, 2021, and a patch has been made available as part of Samsung's February 2022 Security Maintenance Release.
Assuming your device has been updated to show the February 2022 security patch level or later, you're covered. However, not everyone can update their device, or has done so. My own Galaxy Note 10+ lags behind in this respect, as I haven't used it for several months. So make sure your devices are up to date. You can check this by opening the smartphone's Settings menu, selecting About Phone | Software Information, and scrolling down to Android security patch level.
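The same check, done from a workstation over adb rather than through the Settings menu, is shown below as an added example; it is not code from the article or from Kryptowire. It relies only on the two facts the article states (affected Android versions 9 to 12, fix shipped at the February 2022 patch level) and on the standard Android build properties ro.build.version.release and ro.build.version.security_patch. The inventory lines are constructed sample values, not real devices.

```shell
#!/bin/sh
# Added example (not from the article or from Kryptowire): a small POSIX sh
# triage helper that classifies a Samsung device by the two facts the article
# gives: the affected Android versions (9 to 12) and the fixing patch level
# (February 2022). Device values come from the standard Android properties
# ro.build.version.release and ro.build.version.security_patch.

# Patch level that the article says carries the fix, in the YYYY-MM-DD form
# used by Android's security_patch property.
FIX_PATCH_LEVEL="2022-02-01"

# in_affected_range RELEASE -> exit 0 when the Android major version is 9..12
in_affected_range() {
  # Strip any minor part, e.g. "12.1" -> "12".
  major=${1%%.*}
  case "$major" in
    9|10|11|12) return 0 ;;
    *) return 1 ;;
  esac
}

# patch_to_int YYYY-MM-DD -> prints YYYYMMDD; exit 1 if the value is malformed
patch_to_int() {
  case "$1" in
    [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
    *) return 1 ;;
  esac
  printf '%s\n' "$1" | tr -d '-'
}

# assess RELEASE PATCH -> prints one of PATCHED, EXPOSED, OUT-OF-RANGE, UNKNOWN
# OUT-OF-RANGE only means "outside the versions the article reports", not "safe".
assess() {
  release=$1
  patch=$2
  if ! in_affected_range "$release"; then
    echo "OUT-OF-RANGE"
    return 0
  fi
  have=$(patch_to_int "$patch") || { echo "UNKNOWN"; return 0; }
  need=$(patch_to_int "$FIX_PATCH_LEVEL")
  if [ "$have" -ge "$need" ]; then
    echo "PATCHED"
  else
    echo "EXPOSED"
  fi
}

# assess_connected -> reads the two properties from an attached device via adb.
# Only meaningful when adb is installed and a device is connected and authorized.
assess_connected() {
  rel=$(adb shell getprop ro.build.version.release | tr -d '\r')
  pl=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
  printf '%s %s %s\n' "$rel" "$pl" "$(assess "$rel" "$pl")"
}

# Constructed inventory (serial, Android release, patch level); not real devices.
SAMPLE_INVENTORY='
NOTE10-TEST-01 12 2022-03-01
S21U-TEST-02 12 2022-01-01
S10P-TEST-03 10 2021-12-01
S8-TEST-04 8 2021-11-01
A10E-TEST-05 11 unknown
'

# report_inventory -> one verdict line per inventory entry
report_inventory() {
  printf '%s\n' "$SAMPLE_INVENTORY" | while read -r serial rel pl; do
    [ -n "$serial" ] || continue
    printf '%-16s Android %-4s patch %-10s %s\n' \
      "$serial" "$rel" "$pl" "$(assess "$rel" "$pl")"
  done
}

report_inventory
```

Run it as-is to see the verdicts for the constructed inventory, or call `assess_connected` with a device attached. A verdict of EXPOSED means the device reports an affected Android version and a patch level earlier than the one the article names, so it should be updated before being used again; UNKNOWN means the property could not be parsed and the device needs a manual look.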