A newly disclosed vulnerability, tracked as CVE-2022-22292, allowed attackers to place phone calls, install and delete apps, weaken HTTPS security by installing arbitrary root certificates, and trigger factory resets (i.e., wiping all of your data) on Samsung phones.
Kryptowire, a mobile security and privacy solutions company, found the critical security flaw in Samsung devices running Android versions 9, 10, 11 and 12. Kryptowire disclosed its findings to Samsung last November. Fortunately, the Korea-based tech giant patched the vulnerability in February.
How this nasty Samsung flaw operated
CVE-2022-22292 lets any local app on an affected Samsung device, including a third-party app that holds no permissions at all, perform system-privileged actions without end-user approval. Without user authorization, attackers can exploit this vulnerability to wipe your data via a factory reset, remove or install apps, place phone calls (including to 911), and more.
“Ever think someone else has access to your phone? Unfortunately, you may be right,” said Kryptowire CTO Alex Lisle. “Mobile applications are becoming the primary point of personal and professional activity, representing an increasingly attractive target for bad actors.”
According to the Kryptowire report, the impacted Samsung devices (running Android versions 9 to 12) included the Samsung Galaxy S21 Ultra, the Galaxy S10+ and the Galaxy A10e. The report added that Kryptowire investigators tested a Galaxy S8 device running Android 8, but it wasn’t vulnerable to CVE-2022-22292.
How Samsung users can protect their devices
Kryptowire recommends that users initiate automated mobile security scanning regularly. “As points of vulnerability and associated threats increase, a proactive security posture represents the most reliable way to protect personal […] data from bad actors,” Kryptowire said in a press release.
The mobile security company warned that cybercriminals’ hacking methods are becoming more sophisticated. As such, Kryptowire says that app developers also share responsibility for protecting their users from malicious actors.
Fortunately, Samsung users who have updated needn’t worry about the CVE-2022-22292 vulnerability. When Kryptowire notified Samsung about the flaw on Nov. 27, 2021, Samsung assigned it a high severity rating. As mentioned, the Korea-based tech giant patched the vulnerability last month as part of its ongoing Security Maintenance Release process. Just be sure that you have installed the latest security update from Samsung by going to Settings > Software update > Download and install and tapping “Install Now” if an update is available.
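For anyone managing more than one handset, the Settings walk-through above can be scripted. The following shell script is an added example and is not code from the article, from Kryptowire, or from Samsung. It reads the device's security patch level over adb using the standard Android system property ro.build.version.security_patch and compares it against a cut-off date. The article only says the fix shipped in Samsung's February 2022 Security Maintenance Release, so the exact cut-off of 2022-02-01 is an assumption; adjust it to the patch level named in Samsung's own bulletin for your model.

```shell
#!/bin/sh
# Added example (not from the article, Kryptowire or Samsung): verify that an
# Android device's security patch level is at or after the release that, per
# the article, carried Samsung's fix for CVE-2022-22292.

# ASSUMPTION: the fix shipped in the February 2022 SMR; the first day of that
# month is used as the cut-off. Use the patch level from Samsung's bulletin
# for your specific model if it differs.
FIX_PATCH_LEVEL="2022-02-01"

# patch_is_current PATCH_LEVEL [MIN_LEVEL]
# Returns 0 if PATCH_LEVEL (YYYY-MM-DD, the format ro.build.version.security_patch
# uses) is on or after MIN_LEVEL, 1 if it is older, 2 if it is malformed.
patch_is_current() {
    level="$1"
    min="${2:-$FIX_PATCH_LEVEL}"
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;
    esac
    # Strip the hyphens so the dates compare as plain integers (YYYYMMDD).
    lvl_num=$(printf '%s' "$level" | tr -d '-')
    min_num=$(printf '%s' "$min" | tr -d '-')
    [ "$lvl_num" -ge "$min_num" ]
}

# check_device: query the attached device with adb and report the verdict.
# Requires Android platform-tools (adb) and USB debugging on the handset.
check_device() {
    if ! command -v adb >/dev/null 2>&1; then
        echo "adb not found; install Android platform-tools" >&2
        return 2
    fi
    level=$(adb shell getprop ro.build.version.security_patch | tr -d '\r\n')
    if patch_is_current "$level"; then
        echo "patch level $level is at or after $FIX_PATCH_LEVEL: fix for CVE-2022-22292 expected to be present"
    else
        echo "patch level $level is older than $FIX_PATCH_LEVEL: update via Settings > Software update"
        return 1
    fi
}

# Only talk to a device when invoked as: sh check_patch.sh --device
if [ "${1:-}" = "--device" ]; then
    check_device
fi
```

The comparison deliberately works on the patch level rather than the Android version, because the article notes that Android 9 through 12 were all affected and the fix arrives through the monthly SMR, not through a platform upgrade.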