Google’s Project Zero has reported a worrying 0-day security flaw affecting Samsung modems running on various Exynos chipsets. These vulnerabilities allow an attacker run remote code just by knowing the phone number.
Some Pixel, Samsung, Vivo phones, smartwatches and vehicles that do not have the latest security patch are exposed until they do, although there is a solution that can be taken while it arrives: disable VoLTE and Wi-Fi calling.
Dangerous vulnerability in Exynos mobiles
Google has reported a series of vulnerabilities in Samsung’s Exynos modems that allow remote code execution from the Internet. In the wrong hands, it would allow attackers to create an exploit to compromise devices. silently, only with the phone number.
The main vulnerability has received the identifier CVE-2023-24033although other related vulnerabilities remain to be published. The patch is included in the March security update.which has already been published for the Google Pixel, but it could take time to reach other devices, especially in the cheaper ranges.
The affected chips are the Samsung Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080 and Exynos Auto T512which are located inside the following terminals, according to the list that Google has compiled:
- Samsung Galaxy S22
- Samsung Galaxy M33
- Samsung Galaxy M13
- Samsung Galaxy M12
- Samsung Galaxy A71
- Samsung Galaxy A53
- Samsung Galaxy A33
- Samsung Galaxy A21
- Samsung Galaxy A13
- Samsung Galaxy A12
- Samsung Galaxy A04
- i live s16
- i live s15
- i live s6
- I live X70
- I live X60
- I live X30
- Google Pixel 6
- Google Pixel 6 Pro
- Google Pixel 6a
- Google Pixel 7
- Google Pixel 7 Pro
- Smart watches and wearables with the Exynos W920, such as the Samsung Galaxy Watch 4
- Cars with the Exynos Auto T5123
The list may not be exhaustive, although it is important to remember that Samsung’s Exynos chipsets are also present in other brands, in addition to being the basis of the Google Tensor of the Pixel. The patch is ready in the March security update, though in the meantime Google has a workaround to prevent the attack: turn off VoLTE and Wi-Fi calling.
Until security patches are available, users who want to protect their devices from baseband remote code execution vulnerabilities in Samsung Exynos chipsets can disable Wi-Fi calling and VoLTE in their device settings. Disabling these settings will prevent vulnerabilities from being exploited.
Taking into account that it affects mobiles with such disparate layers as Google, One UI and Funtouch OS, the fastest and most universal way to find the appropriate settings for disable VoLTE and Wi-Fi calling is to use the settings browser.
VoLTE and Wi-Fi Calling settings on a Samsung mobile
You don’t need to turn off VoLTE and Wi-Fi calling forever. As soon as your mobile receives the March security patch, you can activate them again again.
More information | Google Project Zero
In Xataka Android | Android security patches: what they are and why it is important to install them