![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
GoodBoy
2[H]4U
- Joined
- Nov 29, 2004
- Messages
- 2,810
From: https://scrippsnews.com/stories/how-to-turn-off-wi-fi-calling-on-android-to-combat-hackers/
Samsung is aware of the issue and is currently working on a fix. However, until a solution is found, Google says users can protect themselves by turning off Wi-Fi calling in their device settings.
All a hacker would need is the victim’s phone number, which can be used to compromise the phone without the user knowing anything is wrong.
“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction and require only that the attacker know the victim's phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely,” Google said.
yikes?
The devices affected are:
- Samsung Galaxy phones, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
- Vivo phones, including those in the S16, S15, S6, X70, X60 and X30 series
- Google Pixel 6 and 6 Pro, Pixel 6a, Pixel 7 and 7 Pro
- Any wearables that use the Exynos W920 chipset
- Any vehicles that use the Exynos Auto T5123 chipset
That some cars are in the list is troublesome...
You can install GPU-Z to see what device is in your phone. Samsung phones made for the US market typically do not run Exynos. They are built on Snapdragon which is not affected. But for Europe, you guys need to keep an eye on this.
Google's full report:
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
Google Pixel devices with the March 2023 security update already have this bug patched.
Samsung is aware of the issue and is currently working on a fix. However, until a solution is found, Google says users can protect themselves by turning off Wi-Fi calling in their device settings.
All a hacker would need is the victim’s phone number, which can be used to compromise the phone without the user knowing anything is wrong.
“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction and require only that the attacker know the victim's phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely,” Google said.
yikes?
The devices affected are:
- Samsung Galaxy phones, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
- Vivo phones, including those in the S16, S15, S6, X70, X60 and X30 series
- Google Pixel 6 and 6 Pro, Pixel 6a, Pixel 7 and 7 Pro
- Any wearables that use the Exynos W920 chipset
- Any vehicles that use the Exynos Auto T5123 chipset
That some cars are in the list is troublesome...
You can install GPU-Z to see what device is in your phone. Samsung phones made for the US market typically do not run Exynos. They are built on Snapdragon which is not affected. But for Europe, you guys need to keep an eye on this.
Google's full report:
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
Google Pixel devices with the March 2023 security update already have this bug patched.