Samsung phones that have not been updated to the latest firmware version can be attacked without their users’ knowledge, with hackers able to initiate calls on their behalf, install or uninstall applications and take full control of the device.
According to the security company Kryptowire, hundreds of millions of Samsung phones running OS versions from Android 9 to Android 12 contain a vulnerability that allows the devices to be attacked undetectably.
The source of the problem is Samsung’s implementation of the Android calling application. Pre-installed on all of the South Korean manufacturer’s devices, it contains an “insecure component” that can be exploited to place malware. Because the Phone application is a system application, a category that benefits from extended privileges, attacks initiated in this way start directly with system-level privileges, and the attackers can access normally protected functions of the device, such as calling.
The vulnerability, labeled CVE-2022-22292, has been fixed by Samsung in the meantime, but firmware patches don’t always arrive on vulnerable devices on time, and many users simply ignore the notifications prompting them to apply firmware updates.
According to Kryptowire’s explanations, any Samsung phone not updated to the latest firmware version offered by the manufacturer can be accessed and compromised undetectably. A well-motivated attacker can install malware applications that facilitate the collection of any desired information.
All Samsung users are encouraged to immediately update their devices to stay safe.