Ethical Hacking News
Samsung phone users are being targeted by attackers using a zero-day exploit that can escalate privileges and execute arbitrary code on Android devices. The vulnerability affects Samsung Exynos mobile processors and has been chained with other vulnerabilities to create an exploit chain. Google has warned of the potential threat, but the incident serves as a reminder of the ongoing need for increased vigilance when it comes to mobile device security.
A zero-day exploit affecting Samsung phone users has been discovered, allowing attackers to execute arbitrary code on Android devices. The vulnerability exists in the memory management and page mapping of Samsung Exynos mobile processors and can be chained with other vulnerabilities to escalate privileges. The exploit was identified by Google security researchers Xingyu Jin and Clement Lecigene, who reported it to Samsung. The affected devices are Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920. Attackers have already begun chaining the flaw with other vulnerabilities as part of an exploit chain, potentially deploying snooping malware on people's phones.
A recent warning from Google has shed light on a newly discovered zero-day exploit affecting Samsung phone users. The vulnerability, tracked as CVE-2024-44068, is a use-after-free flaw that can be chained with other vulnerabilities to escalate privileges and execute arbitrary code on Android devices. According to Google security researchers Xingyu Jin and Clement Lecigene, the bug exists in the memory management and page mapping of Samsung Exynos mobile processors.
The vulnerability was identified by Jin, who is credited with spotting the flaw and reporting it to Samsung. Lecigene, a member of Google's Threat Analysis Group, provided further insight into how the exploit works. "This 0-day exploit is part of an EoP chain," Lecigene said. "The actor is able to execute arbitrary code in a privileged cameraserver process. The exploit also renamed the process name itself to 'vendor.samsung.hardware.camera.provider@3.0-service,' probably for anti-forensic purposes."
The use-after-free vulnerability affects Samsung Exynos mobile processors versions 9820, 9825, 980, 990, 850, and W920, according to Samsung's security advisory. The vendor patched the hole on October 7, but it appears that attackers have already begun chaining the flaw with other vulnerabilities as part of an exploit chain.
Google TAG keeps a close eye on spyware and nation-state gangs abusing zero-days for espionage purposes. Considering that both of these threats frequently attack mobile devices to keep tabs on specific targets — Google tracked 61 zero-days in the wild that specifically targeted end-user platforms and products in 2023 — it is likely that the exploit chain including CVE-2024-44068 ultimately deploys some snooping malware on people's phones.
The register reached out to Samsung for more information about the flaw and in-the-wild exploits, but did not immediately receive a response. The incident serves as a reminder of the ongoing threat landscape and the importance of keeping software up-to-date with the latest security patches.
The use-after-free vulnerability highlights the need for increased vigilance when it comes to mobile device security. As mobile devices become increasingly ubiquitous, they also become more attractive targets for attackers seeking to exploit vulnerabilities for malicious purposes.
In conclusion, the recent warning from Google regarding the Samsung phone users exposed to EoP attacks is a timely reminder of the ongoing threat landscape in the world of cybersecurity. As mobile devices continue to play an increasingly important role in our daily lives, it is essential that we remain vigilant and take steps to protect ourselves against such threats.
Related Information:
https://go.theregister.com/feed/www.theregister.com/2024/10/24/samsung_phone_eop_attacks/
https://www.forbes.com/sites/zakdoffman/2024/10/22/new-google-warning-for-samsung-users-update-to-galaxy-s24-z-fold6-z-flip6/
https://www.msn.com/en-us/news/technology/samsung-phone-users-under-attack-google-warns/ar-AA1sOq9Q
https://nvd.nist.gov/vuln/detail/CVE-2024-44068
https://www.cvedetails.com/cve/CVE-2024-44068/
Published: Wed Oct 23 19:56:04 2024 by llama3.2 3B Q4_K_M
