Explorer

Hackers Can Gain Full Control Of Certain Samsung Phones With Just Contact Number: Google's Project Zero Report

There are a number of devices that can become targets of hacks and attacks, according to Google's Project Zero. The devices that have Exynos Auto T5123 chipset in them are already affected by the vulnerabilities.

Tech giant Google's bug-hunting team Project Zero has identified around eighteen security vulnerabilities affecting Exynos modems, as reported by XDAdevelpers.com on Sunday. A combination of these vulnerabilities that affect Exynos modems can allow a hacker to gain full control and access to a smartphone without the owner of the phone knowing about it. They just need the contact number of the owner of the smartphone.

There are a number of devices that can become targets of hacks and attacks, according to Google's Project Zero. The list of devices that are already affected by the vulnerabilities includes Samsung, Vivo, Pixel phones, and any devices that have Exynos Auto T5123 chipset in them.

Samnsung's S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series are highly prone to these effects. Vivo's S16, S15, S6, X70, X60 and X30 series are also on the list of affected phones. Even Google's own Pixel 6 and Pixel 7 series are prone to these vulnerabilities, reported XDAdevelpers.com.

ALSO READ: Trump Will Be Re-Elected In Landslide Victory, If Indicted: Elon Musk

Meanwhile, in the March security update, the bug has already been fixed in the Pixel 7 series. However, Google's Pixel 6 series continues to have security vulnerabilities.

According to Google, all users using unpatched devices should immediately disable their VoLTE and Wi-Fi Calling on the devices.

Head of Project Zero Tim Willis, said, "with limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely," as quoted by XDAdevelpers.com.

What he meant is that some attackers and hackers can easily exploit and hack into the device without the users having any idea about the compromise.

Currently available information on any major exploit, CVE-2023-24033, says that the affected baseband modem chipsets "do not properly check format types specified by the Session Description Protocol (SDP) module, which can lead to a denial of service," as cited by XDAdevelpers.com. 

ALSO READ: TikTok Ban: Countries That Have Restricted The Short-Video App

The non-availability of services here means that a hacker can lock the user's phone and even prevent him from accessing the device. However, there is no additional information available on this to support the claims in detail.

There are fourteen other security vulnerabilities such as CVE-2023-26072, CVE-2023-26073, CVE-2023-26074, CVE-2023-26075, CVE-2023-26076, and nine others in a similar category that are not so critical. 

However, they carry the risk till the end user. And for an exploitation attempt to succeed on them, "either a malicious mobile network operator or an attacker with local access to the device" is required.

View More
Advertisement
Advertisement
25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Advertisement

Top Headlines

Protestors Vandalise Allu Arjun's Residence In Hyderabad, Eight Arrested
Protestors Vandalise Allu Arjun's Residence In Hyderabad, Eight Arrested
Maharashtra Deputy CM Ajit Pawar Acknowledges Discontent Over Portfolios: ‘Obviously Some Are Not Happy’
Maharashtra Deputy CM Ajit Pawar Acknowledges Discontent Over Portfolios: ‘Some Are Not Happy’
PM Modi Receives Kuwait's Highest Honour 'The Order Of Mubarak Al Kabeer'
PM Modi Receives Kuwait's Highest Honour 'The Order Of Mubarak Al Kabeer'
'Why So Much hatred For Delhi': Kejriwal Attacks BJP For 'Excluding' Capital's Tableau From Republic Day Parade
'Why So Much hatred For Delhi': Kejriwal Attacks BJP For 'Excluding' Capital's Tableau From Republic Day Parade
Advertisement
ABP Premium

Videos

Mamata Machinery IPO Opens for Subscription, Closes on Dec 23, Expected Listing on Dec 27Complete Farmer Registry Update by Dec 31 to Receive PM Kisan 9th InstallmentWoman Dies in Mohali Building Collapse, Rescue Operations UnderwayHuge Black Money Seized in Madhya Pradesh Lokayukta Raids, Over Rs 7.98 Crore Discovered

Photo Gallery

Embed widget