Search
Close this search box.

BREAKING NEWS: 18 Zero-Day Bugs Found in Samsung’s Exynos Chipsets, Impacting Millions of Devices

Share:

Google’s Project Zero team, responsible for finding zero-day bugs, has recently uncovered 18 security flaws in Samsung’s Exynos chipsets used in mobile devices, wearables, and cars. These vulnerabilities were reported between late 2022 and early 2023, and four of them were classified as the most serious, allowing remote code execution (RCE) from the internet to the baseband. 

What are the vulnerabilities? 

The internet-to-baseband RCE bugs, including CVE-2023-24033 and three other vulnerabilities that are still awaiting CVE-ID, can lead to a compromise of vulnerable devices remotely without the victim’s knowledge or consent. This type of attack requires only the victim’s phone number, according to Tim Willis, Head of Project Zero. 

Why are these vulnerabilities particularly dangerous? 

Due to the level of access and the speed with which a reliable operational exploit can be crafted, disclosure for the four vulnerabilities that allow for internet-to-baseband RCE is being delayed. Experienced attackers could easily create an exploit that can remotely compromise vulnerable devices without drawing the targets’ attention. 

What devices are affected? 

Based on the list provided by Samsung, the affected devices include: 

  • Samsung’s mobile devices in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12, and A04 series 
  • Vivo’s mobile devices in the S16, S15, S6, X70, X60, and X30 series 
  • Google’s Pixel 6 and Pixel 7 series of devices 
  • Any wearables that use the Exynos W920 chipset 
  •  Vehicles that use the Exynos Auto T5123 chipset 

What can be done? 

While Samsung has provided security updates addressing these vulnerabilities to other vendors, the patches are not yet public and cannot be applied by all affected users. Each manufacturer’s patch timeline for their devices will differ. Google, for instance, has already addressed CVE-2023-24033 for impacted Pixel devices in its March 2023 security updates. Until patches are available, users can protect their devices by disabling Wi-Fi calling and Voice-over-LTE (VoLTE) to remove the attack vector. 

Samsung’s response 

Samsung confirmed Project Zero’s workaround, stating that “users can disable WiFi calling and VoLTE to mitigate the impact of this vulnerability.” They also encourage end-users to update their devices as soon as possible to ensure that they are running the latest builds that fix both disclosed and undisclosed security vulnerabilities. 

Ahmed Khanji

Ahmed Khanji

Ahmed Khanji is the CEO of Gridware, a leading cybersecurity consultancy based in Sydney, Australia. An emerging thought leader in cybersecurity, Ahmed is an Adjunct Professor at Western Sydney University and regularly contributes to cybersecurity conversations in Australia. As well as his extensive background as a security advisor to large Australian Enterprises, he is a regular keynote speaker and guest lecturer on offensive cybersecurity topics and blockchain.

Contact

Sydney Offices
Level 12, Suite 6
189 Kent Street
Sydney NSW 2000
1300 211 235

Melbourne Offices
Level 13, 114 William Street
Melbourne, VIC 3000
1300 211 235

Perth Offices
Level 32, 152 St Georges Terrace
Perth WA 6000
1300 211 235

Emergency Assistance

Under Attack?

Please fill out the form and we will respond ASAP. Alternatively, click the button to call us now.
Company

Learn more about the team at the forefront of the Australian Cyber Security scene.

About Us →

Meet the Team →

Partnerships →

Learn more about the team at the forefront of the Australian Cyber Security scene.

Career Opportunities →

Internships →

Media appearances and contributions by Gridware and our staff.

See More →

Services

Services

Whether you need us to take care of security for you, respond to incidents, or provide consulting advice, we help you stay protected.

View all services →

Web App Pen. Test Calculator →

Network Pen. Test Calculator →

Governance & Audit

Legal and regulatory protection

Penetration Testing

Uncover system vulnerabilities

Remote Working & Phishing

Fortify your defenses

Cyber Security Strategy

Adaptation to evolving threats

Cloud & Infrastructure

Secure cloud computing solutions

Gridware 360

End-to-end security suite

Gridware Managed Services

Comprehensive & proactive security

Gridware CloudControl
360

Harness the benefits of cloud technology

Gridware Incident Response 24/7

Swift, expert-led incident resolution

Solutions
Resources

Resources

A collection of our published insights, whitepapers, customer success stories and more.

Customer success stories from real Gridware customers. Find out how we have helped others stay on top of their Cyber Security.

Read More →