Google warns users to take action to protect against remotely exploitable flaws in popular Android phones

MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
Content source
https://techcrunch.com/2023/03/16/google-warning-samsung-chips-flaws-android/
Google’s security research unit is sounding the alarm on a set of vulnerabilities it found in certain Samsung chips included in dozens of Android models, wearables and vehicles, fearing the flaws could be soon discovered and exploited.

In a blog post, Google’s Project Zero head Tim Willis said the in-house security researchers found and reported 18 zero-day vulnerabilities in Exynos modems produced by Samsung over the past few months, including four top-severity flaws that could compromise affected devices “silently and remotely” over the cellular network.

“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number,” Willis said.
Click to expand...
techcrunch.com

Google warns users to take action to protect against remotely exploitable flaws in popular Android phones

The four vulnerabilities found in Samsung chips can be exploited to compromise Android devices "silently and remotely" over the cell network.
techcrunch.com techcrunch.com
 
  • Like
  • +Reputation
  • Wow
Reactions: [correlate], LASER_oneXM, Zero Knowledge and 6 others
I

Ink

Administrator
Verified
Jan 8, 2011
22,490
Google recommends disabling WiFi-Calling and Voice-over-LTE until patches are available.
Note: Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. Turning off these settings will remove the exploitation risk of these vulnerabilities.
Click to expand...

Other manufacturers include Samsung, Vivo, Google, including some wearables and vehicles are affected.
Affected devices
Samsung Semiconductor's advisories provide the list of Exynos chipsets that are affected by these vulnerabilities. Based on information from public websites that map chipsets to devices, affected products likely include:
  • Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series;
  • Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
  • The Pixel 6 and Pixel 7 series of devices from Google;
  • any wearables that use the Exynos W920 chipset; and
  • any vehicles that use the Exynos Auto T5123 chipset.
Click to expand...
 
  • Like
Reactions: [correlate], MuzzMelbourne, oldschool and 2 others
oneeye

oneeye

Level 4
Verified
Jul 14, 2014
174
  • Like
Reactions: [correlate], Sammo, MuzzMelbourne and 2 others
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
oneeye said:
It's only the Exynos Modem chips that are being referred to. Not "chip set" per say. Pixel uses their own processor, Tensor chip. But I get it, Samsung likely uses the full Exynos chip sets.
Click to expand...
True, but it's the same modem chips that many different vendors use. Very common how companies/vendors implement parts also in laptops, PCs and Macs. I wouldn't be too surprised if it's many more vendors and models that's not on that list.
 
  • Like
Reactions: [correlate], Sammo, MuzzMelbourne and 3 others
Z

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
849
oneeye said:
Pixel uses their own processor, Tensor chip.
Click to expand...
Tensor is a Samsung produced chip that shares design aspects with Exynos chips. They helped Google design it and produce the chips in their fab. That's why Google and Samsung phones have had similar issues like battery and heating in the past because they share similar designs and similar architecture.

The good news is that Google is on the ball security wise and does a lot of good research into its products, if they did not use Samsung produced chips these bugs would of never be found.

upnorth is right on shared hardware, most mobiles use Qualcomm modems and last time I checked a lot of phones use Sony cameras.
 
  • Like
  • +Reputation
Reactions: [correlate], MuzzMelbourne, oldschool and 1 other person
upnorth

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
The chips affected by the vulnerabilities are Exynos 850, 980, 1080, 1280, 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.

Unfortunately, vendors don’t always disclose details about which chips are installed in which devices.
Click to expand...
The main way to protect yourself is by updating the BRP firmware, which usually occurs during a full firmware update of the smartphone. For instance, Google already released bug fixes for the Pixel 7 and 7 Pro as part of its March update. Unfortunately, the Pixel 6 and 6 Pro are still vulnerable at the time of posting. We recommend that Pixel owners install the latest firmware through their smartphone settings without delay. Samsung has also released code updates for the Exynos BRPs, but has yet to fix all the vulnerabilities. What’s more, the vendor of each particular device containing these chips must independently package these fixes into their new firmware. At the time of posting, such firmware for other vulnerable devices was not yet available. It goes without saying that you’ll need to install these updates as soon as they appear.

Until then, Project Zero researchers recommend disabling Voice over LTE (VoLTE) and Wi-Fi calling on smartphones with Exynos BRPs. This may degrade the quality of voice calls and slow down call connection, but will have no impact at all on the speed and quality of internet access. Until the release of the new firmware, this will protect devices from potential hacking, albeit with some loss of functionality.
Click to expand...
www.kaspersky.co.uk

Zero-click remote hacks for Samsung, Google, and Vivo smartphones

How to protect your Samsung Exynos-based smartphone against hacking
www.kaspersky.co.uk www.kaspersky.co.uk
 
  • Like
  • Thanks
Reactions: harlan4096, Zero Knowledge, oldschool and 1 other person
I

Ink

Administrator
Verified
Jan 8, 2011
22,490
This flaw means that someone could bring back the data from the part of the image that was cropped in mostly the same way the Pixel-based cropped image could be recovered. Buchanan stated, "The same exploit script works with minor changes (the pixel format is RGBA not RGB)." He added in a later post that the same issue is found with Microsoft's Snip & Sketch tool included with Windows 10, but apparently not with the original Windows 10 snipping tool.
Click to expand...
Source: Windows 10 and 11 snipping tools are saving data you thought you had deleted
 
  • Like
Reactions: Gandalf_The_Grey, vtqhtr413 and harlan4096
MuzzMelbourne

MuzzMelbourne

Level 15
Thread author
Verified
Top Poster
Well-known
Mar 13, 2022
599
Earlier this week, programmer and "accidental security researcher" Simon Aarons disclosed a bug in Google's Markup screenshot editing tool for its Pixel phones. Dubbed "acropalypse," the bug allows content you've cropped out of your Android screenshot to be partially recovered, which can be a problem if you've cropped out sensitive information.
Click to expand...
https://arstechnica.com/gadgets/202...ou-uncrop-the-last-four-years-of-screenshots/
Google Pixel bug lets you “uncrop” the last four years of screenshots
Today, Aarons' collaborator, David Buchanan, revealed that a similar bug affects the Snipping Tool app in Windows 11. As detailed by Bleeping Computer, which was able to verify the existence of the bug, PNG files all have an "IEND" data chunkthat tells software where the image file ends. A screenshot cropped with Snipping Tool and then saved over the original (the default behavior) adds a new IEND chunk to the PNG image but leaves a bunch of the original screenshot's data after the IEND chunk.
Click to expand...
arstechnica.com

“Acropalypse” Android screenshot bug turns into a 0-day Windows vulnerability

Unpatched bug can be exploited with modified versions of the Android scripts.
arstechnica.com arstechnica.com
 
  • +Reputation
  • Like
Reactions: Gandalf_The_Grey and vtqhtr413
enaph

enaph

Level 29
Verified
Honorary Member
Top Poster
Well-known
Jun 14, 2011
1,857
While we don’t usually pay attention to security issues on Android and Windows devices, one caught our eye this week. Dubbed “acropalypse,” it affects photos and screenshots that have been cropped using built-in software in Pixel phones and Windows 11 PCs.

As discovered by programmer Simon Aarons, the bug is a weird one. While looking at photos cropped by the Markup tool exclusive to Pixel phones, Aarons found that the information that was supposedly cropped out wasn’t actually deleted from the image and could be recovered with some light legwork. He even built a quick demo app to demonstrate.


As if that wasn’t bad enough, a similar bug was discovered by Chris Blume and confirmed by David Buchanan that affects the Snipping Tool in Windows 11. A screenshot cropped with Windows’ Snipping Tool and saved over the original won’t show the cropped area but also won’t fully delete it.

As Blume explains: “I opened a 198 byte PNG with Microsoft’s Snipping Tool, chose ‘Save As’ to overwrite a different PNG file (no editing), and saved a 4,762 byte file with all that extra after the PNG IEND chunk.” That means the smaller cropped file is actually larger than the original image.

Like the Pixel bug, that data can be recovered with little effort. Most of the time, the cropped-out portion probably isn’t all that important, but it could be something sensitive or embarrassing that the user wouldn’t want anyone else to see.

Microsoft and Google are expected to issue patches to fix the vulnerability in an upcoming update. It’s not clear whether the bugs affecting Pixel phones and Windows PCs are related or just coincidental, but we’re sure of one thing: Apple devices aren’t affected.

Mac and iPhone users don’t have to worry about the “acropalypse” bug spreading to iPhones and Macs. We tested several cropped images using the Mac’s screenshot tool and Photo’s crop tool on the iPhone and in all instances, the cropped photos were significantly smaller than the original image, meaning data has been appropriately removed.

So crop away. And maybe ask your Windows friends if you can help them out while you’re at it.
Click to expand...
www.macworld.com

Fear not, the ‘acropalypse’ isn't coming to your iPhone and Mac

Some Android phones and Windows PCs aren’t cropping photos as they should. But Apple devices are immune.
www.macworld.com www.macworld.com
 
  • Like
  • Love
Reactions: MuzzMelbourne, Gandalf_The_Grey and oldschool
You must log in or register to reply here.

Similar threads

enaph
    • Hundred Points
    • +Reputation
Security News Zero-Day Flaws in Mazda’s Infotainment Expose Cars to Takeover Attacks
Replies
0
Views
275
Security News
enaph
enaph
I
    • Like
OPPO smartphones to switch to in-house SoC in 2024; rumor
Replies
1
Views
582
News Archive
Zero Knowledge
Z
Gandalf_The_Grey
    • Like
    • +Reputation
Linux is safer than its competitors because developers race to fix security flaws
Replies
6
Views
1,346
News Archive
MacDefender
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top