Google has recently announced that a serious security issue in the Samsung modems It has made devices based on these chips, including some Pixel and Galaxy phones, vulnerable to hacker attacks. Samsung has not yet done anything to solve the problem.
How serious is the vulnerability of Samsung modems?
In a blog post, Google’s security research team (Project Zero) claimed that devices with Samsung Exynos modems, including Pixel 6 and 7 near Galaxy S22 and A53 They are vulnerable at basic levels. This security flaw can cause hackers to take control of the victim’s device remotely without any interaction with the victim and only by having his mobile number.
According to the announcement by Google security experts, experienced hackers can develop the necessary tools to exploit this vulnerability with a little research. Of course, Google mentions that the March security package fixes this problem in the Pixel phone series; But this package has not yet been released for some models like Pixel 6 and 6 Pro along with 6a. Other devices affected by the vulnerability include:
- A number of Samsung phones such as the Galaxy S22 and some M and A series models
- Some Vivo S and X series mobile phones
- Wearable gadgets with Exynos W920 chip
- Cars with Exynos Auto T5123 chip
Needless to say, only devices with Samsung modems suffer from the vulnerability discovered by Google. For this reason, owners of most Galaxy S22 devices can be sure about the security of their phone; Because the models sold outside of Europe and some African countries are equipped with Snapdragon chip and Qualcomm modem. However, popular devices such as the Galaxy A53 and the European version of the Galaxy S22 will remain at risk until the security update package is released.
The old Samsung modems do not appear in the list published by Google; As a result, the previous flagships of this company, such as the Galaxy S21, are safe from this vulnerability. Also, the latest Korean flagships, the Galaxy S23 series, use the Snapdragon chip in all models, and there will be nothing to worry about for its owners. Google security experts recommend that users of said devices can disable Wi-Fi calling and VoLTE functionality of their phone to prevent attacks; Although this will reduce the quality of voice calls.
In most cases, security researchers report the details of vulnerabilities to the responsible companies before releasing them publicly and release them to the media after 90 days. It seems that Samsung has not yet managed to fix the said problem in its 18 faulty modems, and for this purpose, Google, contrary to its usual practice, has refused to provide more technical details.