Samsung Chipset Remote Code Execution Vulnerability
Release Date:
20 Mar 2023
5735
Views
RISK: High Risk
TYPE: Operating Systems - Mobile & Apps
A vulnerability was identified in Samsung chipsets. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Impact
- Remote Code Execution
System / Technologies affected
- Samsung Chipsets: Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, Exynos Auto T5123
- Use affected chipset mobile devices:
- Samsung: S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series
- Vivo: S16, S15, S6, X70, X60 and X30 series
- Google: Pixel 6 and Pixel 7 series
- Vehicles that use the Exynos Auto T5123 chipset
Solutions
Please visit the vendor web-site for more details.
Apply workarounds issued by the vendor:
Workaround:
Reduce the vulnerability of attacks by following workaround:
Turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings
Vulnerability Identifier
Source
- https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
- https://semiconductor.samsung.com/support/quality-support/product-security-updates/
Related Link
Related Tags
Share with