Samsung has issued a security alert about a high-risk vulnerability affecting a range of Exynos-powered Galaxy devices, including smartphones and smartwatches.
The exploit, which has been under investigation for several weeks, could potentially allow unauthorized actors to gain control over affected devices. Samsung is urging users with Exynos chipsets to update to the latest security patch to protect against this vulnerability.
Exynos chips and devices at risk
The affected chips include the Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, and Exynos W920. This vulnerability impacts multiple Samsung Galaxy models, including popular lines such as the Galaxy S20, Galaxy Note 20, Galaxy S10, and Galaxy Note 10 series, as well as the Galaxy A21, Galaxy A51, and Galaxy A71.
Additionally, certain wearables, such as the Galaxy Watch 4, Galaxy Watch 5, and Galaxy Watch FE, are also at risk.
Details of the vulnerability
The vulnerability allows attackers to gain system-level access to a device and execute unauthorized code, potentially exposing sensitive user information such as banking details, personal messages, and photos. Google’s Threat Analysis Group reports that malicious actors exploited this vulnerability by disguising the malicious code as a Samsung process, making it difficult to detect during regular system scans. This concealment technique allowed hackers to maintain persistence on compromised devices without immediate detection.
While Samsung has not revealed the identity of the attackers or the scope of the incidents, Google’s security experts note that foreign actors have already successfully exploited this vulnerability in multiple cases.
Samsung’s official response indicates that they are actively working on additional patches while collaborating with security experts to further strengthen protections for Exynos chipsets.
Samsung has started rolling out security updates that are expected to address this critical vulnerability in the affected devices. Users of impacted Galaxy smartphones and watches are strongly advised to install the latest security update as soon as it becomes available.
Until the patch is installed, Samsung recommends avoiding app installations from unknown sources to reduce the risk of exposure to the exploit.
This warning comes at a challenging time for Samsung, as the company is reportedly shifting its focus away from Exynos chips for its upcoming flagship lineup, the Galaxy S25 series.
(Source)
Comments