Google Project Zero researchers announced 18 zero-day vulnerabilities in various Samsung modems, four of which allow hackers to remotely launch malicious code. All they need to know is the victim's phone number.
Other vulnerabilities require either local access to the device or illegal actions from the operator.
The problems were found in Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080 and Exynos Auto T5123.
These modems are installed in:
- Samsung Galaxy S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series smartphones;
- Vivo smartphones S16, S15, S6, X70, X60 and X30 series;
- Google's Pixel 6 and 6 Pro, Pixel 6a, Pixel 7 and 7 Pro smartphones;
- wearable devices that use the Exynos W920 modem;
- cars with an Exynos Auto T5123 modem.
The exception was the Samsung S22 smartphone models - phones sold outside of Europe and some African countries received a Qualcomm processor and modem. The same applies to the S21 and S23 - Samsung's latest flagships use Qualcomm everywhere, while older ones with Exynos chips received a modem, which is not on the list of vulnerabilities.
Samsung has not yet fixed the problems, and Google will release a March security update for the Pixel 6, 6 Pro and 6a, where it will fix some of the vulnerabilities.
Owners of vulnerable devices are advised by Project Zero to disable Wi-Fi calls and voice over LTE.
In 2022, information security experts at Kryptowire discovered a serious vulnerability in some Samsung phones. It was found on Android smartphones 9 through 12, including the flagship Samsung S21 Ultra 5G and S10 Plus. The vulnerability allowed attackers to make phone calls, control apps, reset the device and access owner data.
