Samsung modems have serious security flaws; Galaxy and Pixel series in danger

Google has recently announced that a serious security issue in the Samsung modems It has caused devices based on these chips, including some Pixel and Galaxy phones, to be vulnerable to hacker attacks. Samsung has not yet done anything to solve the problem.

How serious is the vulnerability of Samsung modems?

Google security research team (Project Zero) in a post inside weblog He claimed that devices with Samsung Exynos modems, including Pixel 6 and 7 near Galaxy S22 and A53, are vulnerable at basic levels. This security flaw can allow hackers to take control of the victim’s device remotely without any interaction with the victim and only by having his mobile number.

According to the announcement of Google’s security experts, experienced hackers can develop the necessary tools to exploit this vulnerability with a little research. Of course, Google mentions that the March security package fixes this problem in the Pixel phone series; But this package has not yet been released for some models like Pixel 6 and 6 Pro along with 6a. Other devices affected by the vulnerability include:

• A number of Samsung phones such as the Galaxy S22 and some M and A series models
• Some Vivo S and X series mobile phones
• Wearable gadgets with Exynos W920 chip
• Cars with Exynos Auto T5123 chip

Needless to say, only devices with Samsung modems suffer from the vulnerability discovered by Google. For this reason, owners of most Galaxy S22 devices can be sure about the security of their phone; Because the models sold outside of Europe and some African countries are equipped with Snapdragon chip and Qualcomm modem. However, popular devices like the Galaxy A53 and the European version of the Galaxy S22 will remain at risk until the security update package is released.

The old Samsung modems are not visible in the list published by Google; As a result, the previous flagships of this company, such as the Galaxy S21, are safe from this vulnerability. Also, the latest Korean flagships, the Galaxy S23 series, use the Snapdragon chip in all models, and there will be nothing to worry about for its owners. Google security experts recommend that users of said devices can disable Wi-Fi calls and VoLTE capabilities of their phones to prevent attacks; Although this will reduce the quality of voice calls.

In most cases, security researchers report the details of vulnerabilities to the responsible companies before releasing them to the public, and after 90 days, they release them to the media. It seems that Samsung has not yet managed to fix the said problem in its 18 defective modems, and for this purpose, Google, contrary to its usual practice, has refused to provide more technical details.