A major new Android bug lets hackers take over your devices
Google says dozens of Android devices, including smartphones, wearables, and vehicles, can be compromised without user interaction.
The culprit? Multiple zero-day vulnerabilities in Samsung’s Exynos modems.
That’s right – just the victim’s phone number is all an attacker needs to remotely compromise a victim’s device.
According to TechCrunch, Google’s Project Zero team discovered a total of 18 zero-day vulnerabilities, four of which are severe enough to allow an attacker to execute remote code with no user interaction.
Project Zero’s Tim Willis wrote in a blog post:
“With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.”
In other words, skilled attackers could easily create an operational exploit to compromise affected devices silently and remotely. Scary stuff, right?
So, which devices are affected by these vulnerabilities? Well, it’s not just a few devices – there are dozens. And you know what? Even Google’s latest smartphones aren’t safe from cover.
Here’s the list of products that Google provided:
- Google’s own Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, and Pixel 7 Pro
- Samsung devices in the S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12, and A04 series
- Vivo devices in the S16, S15, S6, X70, X60 and X30 series
- Any vehicles using the Exynos Auto T5123 chipset
Yea, that’s a lot of devices.
A security researcher on the Project Zero team, Maddie Stone, confirmed in a tweet that Samsung was given 90 days to release a patch, but none has been forthcoming.
So, if you own one of the affected devices and don’t want to wait for a security patch, Google advises you to turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in your device settings.
If you need help, we made a guide here on disabling Wi-Fi Calling on Samsung devices. Additionally, we’ll share them below, just in case.
How to turn off WiFi calling on a Samsung phone
You can…