Samsung smartphones revealed to have a major vulnerability; all models running Android 9 to 12 affected

On April 6, security firm Kryptowire warned that various Samsung devices are vulnerable to a major security flaw that allows hackers to take over devices. Kryptowire makes Mobile Application Security Testing (MAST), a tool that scans for vulnerabilities as well as security and privacy issues.

According to the company, it discovered a vulnerability (CVE-2022-22292) that could allow hackers to take a range of actions, including making phone calls, installing or uninstalling apps, and weakening HTTPS security by installing unauthenticated certificates, all in the background, or even performing a factory reset.

The vulnerability appears to affect almost all Samsung smartphones running Android 9 to 12 due to “insecure components” in the preinstalled phone app. Because the phone app runs with system privileges, this opens up an attack vector for bad actors. Malicious apps can exploit the vulnerability to “mimic system-level activity” and access features that are supposed to be protected.

Kryptowire first discovered the vulnerability and notified Samsung in November 2021. Samsung released a fix in February 2022; all Samsung users are encouraged to update now to keep their phones safe.
