Multiple Samsung Mobile Devices Flaw Let Attackers Execute Arbitrary Code

In a cybersecurity update, Samsung announced the patching of 25 vulnerabilities in its mobile devices, aiming to fortify them against potential code execution and privilege escalation attacks.

This move is part of Samsung’s ongoing efforts to enhance the security of its smartphones and tablets, ensuring the safety and privacy of its users.

The vulnerabilities, identified as Samsung Vulnerabilities and Exposures (SVE) items, were disclosed in the company’s latest security bulletin.


Integrate ANY.RUN in Your Company for Effective Malware Analysis

Are you from SOC, Threat Research, or DFIR departments? If so, you can join an online community of 400,000 independent security researchers:

  • Real-time Detection
  • Interactive Malware Analysis
  • Easy to Learn by New Security Team members
  • Get detailed reports with maximum data
  • Set Up Virtual Machine in Linux & all Windows OS Versions
  • Interact with Malware Safely

If you want to test all these features now with completely free access to the sandbox:

These flaws spanned various components of Samsung devices, including the operating system, firmware, and certain proprietary software developed by Samsung.

The vulnerabilities could allow malicious actors to execute arbitrary code on the devices or escalate their privileges, thereby gaining unauthorized access to sensitive information or system functionalities.

Samsung’s swift response to these security threats underscores the company’s commitment to protecting its users from the evolving landscape of cyber threats.

By including patches for these 25 SVE items in its May 2024 Security Maintenance Release (SMR), Samsung has taken a proactive step in mitigating the risks associated with these vulnerabilities.

Here’s a detailed look at some of the specific security flaws that were patched:

SVE-2023-1778 (CVE-2024-20866): This was an authentication bypass vulnerability in the Setupwizard, which could allow unauthorized users to bypass device setup authentication mechanisms. The patch for this vulnerability involved removing unnecessary internet access during the setup process to prevent unauthorized access.

SVE-2023-2193 (CVE-2024-20855): This flaw was an improper access control issue within the multitasking framework. It could potentially allow unauthorized users to access and manipulate multitasking functionalities, leading to privilege escalation attacks. The update rectified this by enforcing stricter access controls.

SVE-2023-2265 (CVE-2024-20856): An improper authentication vulnerability in Samsung’s Secure Folder was patched. This flaw could allow attackers to bypass authentication measures and access sensitive information stored within the Secure Folder.

SVE-2024-0092 (CVE-2024-20861) and SVE-2024-0096 (CVE-2024-20862): These related vulnerabilities in SveService included a use-after-free issue and an out-of-bounds write flaw, respectively. Both could potentially lead to arbitrary code execution if exploited. The patches addressed these memory corruption issues to prevent such exploits.

SVE-2024-0234 (CVE-2024-20865): This was an authentication bypass in the bootloader that previously allowed physical attackers to flash arbitrary images. The patch added proper verification checks to prevent unauthorized flashing, enhancing the security of the device’s boot process.

SVE-2024-0357 (CVE-2024-20864): An improper access control vulnerability in DarManagerService was also rectified. This flaw could allow unauthorized access to the DarManagerService, leading to further exploitation.

The patched vulnerabilities were part of a broader security update that also incorporated fixes from Google, addressing issues related to the Android operating system.

This collaborative approach between Samsung and Google ensures that Samsung devices not only receive patches for proprietary issues but also benefit from the broader security enhancements provided by the Android platform.

Samsung has urged all users of its mobile devices to update their software to the latest version to benefit from these security enhancements.

On-Demand Webinar to Secure the Top 3 SME Attack Vectors: Watch for Free.

The company has made the updates available through its regular firmware update channels, and users can easily apply the update by navigating to the software update section in their device settings.

This latest security update is a testament to Samsung’s dedication to maintaining the trust and confidence of its users by providing timely and effective security measures.

As cyber threats continue to evolve, Samsung’s commitment to security and privacy remains unwavering, with the company continuously monitoring for new vulnerabilities and responding promptly to protect its users.

For more detailed information on the specific vulnerabilities addressed in this update and guidance on applying the security patches, users are encouraged to visit Samsung’s official security update page.

Is Your Network Under Attack? - Read CISO’s Guide to Avoiding the Next Breach - Download Free Guide

The post Multiple Samsung Mobile Devices Flaw Let Attackers Execute Arbitrary Code appeared first on GBHackers on Security | #1 Globally Trusted Cyber Security News Platform.

Go to Source
Author: Guru baran