Google's Project Zero cybersecurity research team has published a blog post contribution, in which he points out active vulnerabilities in Exynos modem chips. Four of the 18 reported security issues with these chips are serious and could allow hackers to access your phones with just your phone number, according to the team.
Cybersecurity experts typically only disclose vulnerabilities after they have been patched. However, it seems that Samsung has not yet solved the mentioned exploits in Exynos modems. Project Zero team member Maddie Stone on Twitter stated that "end users still do not have fixes even 90 days after the report was published".
Gallery
According to researchers, the following phones and other devices may be at risk:
- Samsung Galaxy M33, M13, M12, A71, A53, A33, A21, A13, A12 and series Galaxy S22 and A04.
- Vivo S6 5G and Vivo S15, S16, X30, X60 and X70 series.
- Pixel 6 and Pixel 7 series.
- Any wearable device using the Exynos W920 chip.
- Any vehicle using the Exynos Auto T5123 chip.
You could be interested in
It's worth noting that Google patched these vulnerabilities in its March security update, but so far only for the Pixel 7 series. This means that the Pixel 6, Pixel 6 Pro, and Pixel 6a phones are still not safe from hackers able to exploit the remote code execution vulnerability between internet and basic band. "Based on our research to date, we believe that experienced attackers would be able to quickly create an operational exploit to silently and remotely compromise affected devices," the Project Zero team noted in their report.
Before Google issues the relevant update to the Pixel 6 series and Samsung and Vivo to their vulnerable devices, the Project Zero team recommends turning off Wi-Fi calling and VoLTE features on them.
I'm already so scared 🫣🫣