Although Samsung’s chips do not perform as well as those manufactured by Qualcomm, they are generally satisfactory despite Samsung’s lengthy history of chip manufacturing. But, it was just discovered that chips built by Samsung contain security weaknesses, and these faults are very serious.
Between the end of 2022 and the beginning of 2023, the Project Zero team at Google discovered a total of eighteen zero-day vulnerabilities in the Exynos modems manufactured by Samsung. The four vulnerabilities that are considered to be the most serious can enable Internet-to-baseband remote code execution, which gives malicious actors the ability to infiltrate a smartphone without requiring any input from a user; all a hacker needs is a user’s phone number. The next fourteen vulnerabilities also permit remote code execution, but they are not as serious since they need either the cooperation of a carrier or direct physical access to the device.
These flaws are present in a broad variety of different devices, but they are most prevalent in mobile phones manufactured by Samsung and equipped with Exynos CPUs. One example of this is the European variant of the Galaxy S22. Luckily, Samsung made the decision to stop using the Exynos processor this year, which means that newer phones such as the Galaxy S23 are not impacted. Unfortunately, the most recent Pixel 6 and Pixel 7 smartphones from Google are impacted by this issue since they are powered by semiconductors manufactured by Samsung (the Google Tensor SoCs are designed and made by Samsung and are pretty much just Exynos variants).
As of the time this article was written, there is no solution available for any of these problems; thus, if you do not want to be impacted by them, you should disable features such as VoLTE and Wi-Fi calling for the time being.
Source: Google
Leave a Reply