Online Security

Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users

Samsung Apps

Multiple critical security flaws have been disclosed in Samsung’s pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users’ consent and take control of the devices.

“The impact of these bugs could have allowed an attacker to access and edit the victim’s contacts, calls, SMS/MMS, install arbitrary apps with device administrator rights, or read and write arbitrary files on behalf of a system user which could change the device’s settings,” Sergey Toshin, founder of mobile security startup Oversecured, said in an analysis published Thursday.

Stack Overflow Teams

Toshin reported the flaws to Samsung in February 2021, following which patches were issued by the manufacturer as part of its monthly security updates for April and May. The list of the seven vulnerabilities is as follows –

  • CVE-2021-25356 – third-party authentication bypass in Managed Provisioning
  • CVE-2021-25388 – Arbitrary app installation vulnerability in Knox Core
  • CVE-2021-25390 – Intent redirection in PhotoTable
  • CVE-2021-25391 – Intent redirection in Secure Folder
  • CVE-2021-25392 – Possible to access notification policy file of DeX
  • CVE-2021-25393 – Possible to…

http://feedproxy.google.com/~r/TheHackersNews/~3/vLv1d8FYQKQ/hackers-can-exploit-samsung-pre.html

InvolveAsia-promote-728

Have a comment? Type it below!

Back to top button

Adblock Detected

Hi, kindly remove your adblocker to view this page.