Samsung is working to eliminate several vulnerabilities that could potentially allow hackers not only to spy on smartphone users, but in some cases to completely intercept control of mobile devices.
Security holes were discovered by Oversecured founder Sergey Toshin. According to him, about ten, more precisely, “more than a dozen” vulnerabilities of various levels were found.
Some gaps allow you to intercept SMS messages (by tricking the user into certain actions), others are much more invisible and more dangerous and do not require any action on the part of the victim. Thanks to them, hackers can get all kinds of permissions on the device and read / write arbitrary files.
Due to the severity of the vulnerabilities and because it will take Samsung up to two months to fix them, no detailed information about the revealed software flaws was reported. It is not even known which devices and operating system versions are at risk. According to reports, some of the vulnerabilities are hidden in pre-installed applications that are not necessary for the correct operation of Android.
In some cases, third-party applications can gain administrator rights on the device – at the cost of removing all other programs from it. This particular bug (number CVE-2021-25356) was already patched in April of this year and concerned the Managed Provisioning application.
In general, users are encouraged to regularly update their smartphone firmware. The availability of new versions is easily checked in the device settings.
If you notice an error, select it with the mouse and press CTRL + ENTER.