- Alphabet Inc GOOG GOOGL Google flagged a set of susceptibilities in Samsung Electronics Co, Ltd's SSNLF Exynos chips, including mobile devices from Samsung, Vivo, Google's Pixel 6 and Pixel 7 series of devices and vehicles that use the Exynos Auto T5123 chipset.
- In late 2022 and early 2023, Google's Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor.
- The four most severe of these eighteen vulnerabilities enabled Internet-to-baseband remote code execution, Project Zero head Tim Willis wrote.
- Tests confirm that those four vulnerabilities allow attackers to remotely compromise a phone at the baseband level without user interaction and require only the victim's phone number.
- The fourteen other related vulnerabilities and nine other vulnerabilities were not as severe.
- Google advised users with affected devices to protect themselves from the baseband remote code execution vulnerabilities by turning off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings.
- Google had patched Pixel devices with its March security updates.
- Project Zero researcher Maddie Stone tweeted that Samsung had 90 days to patch the bugs but was yet to fix them.
- Samsung confirmed in March 2023 that several Exynos modems were vulnerable, affecting several Android device manufacturers.
- Price Action: GOOG shares traded higher by 0.66% at $101.73 on the last check Friday.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Comments
Loading...
Benzinga simplifies the market for smarter investing
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
Join Now: Free!
Already a member?Sign in