Samsung Galaxy (Photo: Walla! Technology, Yanon Ben Shoshan)
If you have a Samsung phone of certain models, you have reason to worry.
Google's Project Zero researchers, who specialize in finding fresh exploits, have discovered 18 such exploits of varying degrees of severity, which affect the modem unit (the part of the device that communicates with the cellular network), and when combined, can give an attacker control over your smartphone without your knowledge.
The aforementioned breaches are really fresh - from the end of 2022 and the beginning of 2023, and four of them are considered critical as they allow remote code execution on your smartphone, when all the attacker needs is your phone number.
The main and related vulnerability, numbered CVE-2023-24033, is an attack on the baseline modem chips, which may lead to a denial of service.
Which basically means that an attacker can remotely lock your phone, and prevent you from using it.
The other, less critical breaches, 14 in number, are less threatening, but still pose a risk to users.
An attacker can remotely lock your phone, preventing you from using it (Photo: ShutterStock)
According to Google researchers, the vulnerabilities affect the following devices: smartphones manufactured by Samsung models S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04.
Of these, the models that are common in Israel are the S22, A71, A53.
Also among the affected phones are the VIVO models from the S series and X30, 60, 70. Among the affected Google models are the Pixel 6 and Pixel 7, and any car device that contains the Exynos Auto T5123 chipset.
These loopholes were already fixed in the March security update, which was released for Pixel 7 devices - but not for Pixel 6 devices. Google recommends that anyone who has not yet received a security update this month, turn off the VoLTE option and calls over Wi-FI.
If the latest monthly security update is available for your device, we strongly recommend that you do not wait and install it immediately.
privacy and security