The security group "Zero Team" of the company "Google" (Google) of the existence of serious security vulnerabilities in the modem chips "Exynos" (Exynos) developed by the company "Samsung", which allows hackers to control the smartphone and obtain the phone number, according to a report quoted by the German Press Agency.

According to the Zero Team Threat Detection Team report, these vulnerabilities could allow hackers to execute remote code — known as RCE — that can take control of vulnerable devices without the user's knowledge.

Of the 18 flaws discovered by Google's Zero team, the team highlighted 4 critical flaws.

The glitch in question is caused by the failure of some security software installed for a specified number of Samsung Exynos modems to perform a security check that would verify how certain malicious applications are allowed to access important information in the device.

This information, called "privilege escalation" in cybersecurity parlance, is accessed when the device's firmware fails to prevent applications from accessing sensitive areas of the memory stick, which stores critical user information such as passwords and location data.

The flaws discovered by the Zero team allow remote code execution on the baseband modem, giving hackers sitting in a remote location full access to the highest level of privilege for all data and settings of the device, which in turn can pose a serious security threat.

The issues affect a wide range of devices, including smartphones, wearables and car platforms.

However, the reports claim that not all users are likely to have already received the update.

Zero team leader Tim Willis says the company is refraining from publishing full details of critical flaws.

Google Pixel smartphones were among the infected phones (Google Pixel)

Infected organs

Some of the most common devices that can be affected as a result of these vulnerabilities include:

  • Samsung Galaxy S22, M22, M33, M33, A13, A13, A12, A12S, A71, A71, A53, A53.
  • The old Vivo X70 flagship series.
  • The latest generation of smartphones are Google Pixel 7 and Pixel 7.
  • Smartwatches and fitness devices that use the Exynos W920 chipset, the latest generation of Samsung wearable chipsets, powering the Galaxy Watch 920 series of smartwatches.
  • Vehicles equipped with the Exynos Auto T5123 chip.

Until security gaps are filled in other phones, users must turn off Wi-Fi and Voice over LTE in particular.

According to a report by Bleeping Computer, Google has already released a patch for one of four critical flaws in the March security update for the Pixel 7 smartphone.