A critical vulnerability has emerged in Samsung phones, which reach hundreds of millions of people every year. Thanks to the long-standing vulnerability, it is possible to access some critical functions on phones without the user’s knowledge.
open on Samsung phones
CVE-2022-22292 vulnerability detected by Kryptowire is effective between operating systems between Android 9 and 12. The vulnerability is caused by an insecure component within the phone app, allowing apps to access system-level functions.
Scandals do not end at Samsung
Applications can restore the system to factory settings making phone calls, installing apps, and can weaken HTTPS security. During this time, the user is not asked for any permission.
The vulnerability reported to Samsung in November was considered high risk by the firm and patched. It is stated that the patch has been distributed to phones in the February updates. However, there may be users who are affected by the vulnerability in the two-three-month period in between.
- Homepage
- Mobile Technologies
- Mobile Applications News
- Risk in Samsung Phone app
41267
