Security researcher Ken Gannon disclosed two exploits today that affected Samsung’s app store on Android devices. The first could let an attacker install any app from the Galaxy Store without user input. The second could let an attacker open a web view and navigate to a malicious domain.
The first exploit has been fixed with version 18.104.22.168 of the Galaxy Store app. This issue doesn’t affect users on Android 13, however, due to changes in how the platform handles intents originating from external apps that target exported components.
The second exploit was fixed with version 22.214.171.124 of the Galaxy Store app. These vulnerabilities are identified as CVE-2023-21433 and CVE-2023-21434 respectively. You can read about them on the NCC Group’s website.
- Vendor: Samsung
- Vendor URL: https://www.samsung.com
- Versions Affected: 126.96.36.199, other versions might be affected
- Systems Affected: Galaxy App Store Android Application (com.sec.android.app.samsungapps)
- CVE Identifier: CVE-2023-21433