Methods to shield your cellphone from the scary Exynos modem vulnerability

Now and again, a significant vulnerability is found in units that you simply use in your each day life, which might compromise your privateness. Just lately, Google’s Undertaking Zero group uncovered a number of distant code execution vulnerabilities in Exynos modems that would enable hackers to compromise a number of the finest Android telephones just like the Google Pixel 6 and Pixel 7 with out person interplay. Worse, all they needed to do was know the sufferer’s cellphone quantity. So how are you going to shield your self if you happen to personal an Android cellphone, watch, or perhaps a automobile that makes use of an affected Exynos modem?


How unhealthy is the Samsung Exynos modem vulnerability?

Very unhealthy. In complete, Google’s Undertaking Zero discovered 18 zero-day vulnerabilities in Samsung’s Exynos modems. Of those, 4 are important as a result of they permit distant code execution with none person interplay. This fashion, provided that a hacker is aware of your cellphone quantity can a hacker remotely compromise your cellphone on the modem degree.

Under are the CVE IDs (Frequent Vulnerabilities and Exposures) of the 4 exploits:

  • CVE-2023-24033
  • CVE-2023-26496
  • CVE-2023-26497
  • CVE-2023-26498

It’s unclear if hackers used these exploits within the wild.

Anyway, Tim Willis, head of Undertaking Zero, believes {that a} expert hacker can use the exploit to compromise the sufferer’s cellphone very quickly. And due to the severity concerned and a “very uncommon mixture of the extent of entry these vulnerabilities supply and the pace with which we consider a dependable operational exploit will be created,” the Undertaking Zero group determined to remove the 4 exploits to be disclosed at a later date as soon as totally patched.

The remaining 14 vulnerabilities usually are not that extreme as they require the hacker to entry the system or contain a rogue cellular community operator.

Which units and Samsung modems are affected by the vulnerability?

Based on Samsung Semiconductor’s product security web page, the affected chipsets embody the Exynos Modem 5123 and 5300, and the Exynos 980, 1080, 1280, and 2200 processors.

The next units are affected by the vulnerabilities in Samsung modems:

  • Google Pixel 6 collection, together with Pixel 6a
  • Google Pixel 7 collection
  • Vivo S6, S15, S16, X30, X60, X70 collection
  • Samsung Galaxy S22 collection
  • Samsung Galaxy A04, A12, A13, A21s, A32s, A33, A53, A71, M12, M13 and M33 collection
  • Autos with Exynos Auto T5123 chipset

It was initially believed that Samsung’s Exynos W920 wearable chipset, discovered within the Galaxy Watch 4 and Watch 5 collection, was additionally susceptible. That was incorrect, nevertheless, as Samsung has up to date its safety advisory because the unique announcement to take away all point out of the chip.

Methods to shield your Google Pixel 6 or Pixel 7 from the scary Exynos modem vulnerability?

Google patched all 4 important vulnerabilities on its Pixel telephones with the March 2023 safety patch. You possibly can undergo the corporate’s newest Android safety bulletin to substantiate this. Initially, the Undertaking Zero group believed that Google solely patched one of many 4 vulnerabilities with this replace, however that isn’t the case.

So if you happen to personal one in every of Google’s 2021 or 2022 Pixel telephones, your finest guess is to put in the most recent safety patch to guard your self from this scary vulnerability. As a bonus, the March characteristic drop additionally brings a number of new options to the telephones.

Whereas Google launched this month’s safety patch particulars on March 13, the OTA replace didn’t go stay for Pixel 6 customers till every week later, on March 20. There’s at all times an choice to manually sideload the replace if it nonetheless doesn’t present up on your cellphone.

Alternatively, you possibly can disable Wi-Fi calling in your Pixel till the March 2023 replace is accessible for obtain. This may be accomplished from Settings -> Community & Web -> SIMs -> Wi-Fi Calling and turning off the change for Activate Wi-Fi calling.

The catch is that there’s no approach to disable VoLTE on Pixel telephones, because it’s a carrier-controlled change. Relying in your service, the choice might seem underneath community and web menu, though your mileage might range.

Many carriers don’t help voice calls with out VoLTE. So disabling VoLTE might have an effect on voice calls in your cellphone.

Whereas try to be wonderful till the March 2023 safety replace lands in your cellphone, you possibly can utterly disable SIM connectivity in your Pixel 6 or Pixel 7 if the vulnerability bothers you an excessive amount of.

Methods to shield your Samsung cellphone from the scary Exynos modem vulnerability?

Surprisingly, Samsung says in its assertion to Android police that not one of the six recognized vulnerabilities are “extreme”. The corporate has already patched 5 of those exploits with its March 2023 firmware. The Korean large will patch the remaining exploit with the April 2023 safety replace.

Under is Samsung’s full assertion:

Samsung takes the safety of our clients very severely. After figuring out that 6 vulnerabilities might probably have an effect on choose Galaxy units, none of which had been “critical”, Samsung launched safety patches for five of them in March. One other safety patch will likely be launched in April to handle the remaining vulnerability. As at all times, we encourage all customers to replace their units with the most recent software program to make sure the very best degree of safety.

Samsung was the primary firm to roll out the March 2023 safety patch to its telephones. Because the starting of the month, the corporate has expanded its rollout to virtually all of its standard flagship and mid-range units which have launched lately. Right here is how one can shield your cellphone from this Exynos modem vulnerability just by putting in the most recent firmware on it.

Nevertheless, some low-end Galaxy A and M collection telephones have but to obtain the patch. Till then, you possibly can disable WiFi calling and VoLTE on the cellphone. Right here’s how.

  1. Navigate to Settings -> Connections in your Samsung cellphone.
  2. Disable these WiFi calls toggle from the menu.

Like Pixel, Samsung doesn’t supply a change to disable VoLTE on its telephones. You possibly can bypass this limitation by switching your cellphone to 2G/3G solely mode Settings -> Connections -> Mobile Networks -> Community Mode.

Whereas it appears Samsung did a greater job than Google at patching the Exynos modem vulnerability, that doesn’t appear to be the case. As Undertaking Zero safety researcher Maddie Stone Notes in a tweetthe exploits had been disclosed to Samsung at the least 90 days earlier than the report was revealed. And but, on the time of writing, not all affected Galaxy telephones have acquired the replace. To be truthful, Google had lots fewer units to patch, however that’s little comfort for folk left with susceptible telephones.

What about Vivo telephones?

For those who personal a Vivo cellphone affected by the vulnerabilities, your solely choice is to disable VoLTE and Wi-Fi calling till the corporate gives a repair. In contrast to Samsung and Google, Vivo isn’t identified for its fast software program updates. Additionally, all affected units are outdated, so it’s unclear if the corporate will roll out the March 2023 patch in any respect.

What in case your automobile makes use of the affected Exynos chipset?

Sadly, there’s not a lot you are able to do in case your automobile makes use of the Exynos Auto T5123 chipset. In contrast to telephones, you possibly can’t simply flip off Wi-Fi calling and VoLTE and name it quits. However on the plus facet, it’s more durable to hack into your automobile’s Exynos modem remotely, since its quantity isn’t simply identified.

Samsung is probably going working with affected car producers to roll out a repair for the Exynos modem vulnerability. However there is no such thing as a readability as to when this may occur. Most automobiles mechanically set up an replace within the background, so that you don’t know when the exploit was patched.

Supplied the choice is current in your automobile’s infotainment system, you possibly can utterly disable cellular connectivity for just a few weeks. Hopefully this must be sufficient for Samsung and your automobile producer to patch the exploit. Till then, nevertheless, you will be unable to make use of any of your car’s distant capabilities.