South Asian tech giant ‘Samsung’ is not safe from hackers anymore. Hackers may get access to user’s data without their knowledge. They may control their phone or exploit their personal information without any authorization or permission. What’s more concerning is that these flaws appear to be a part of a far larger group of exploitable ones. The problem was reported to Samsung’s bug bounty program by one of the company’s security experts.
Who Found These Vulnerabilities?
These flaws came to light when Sergey Toshin, founder of a mobile security startup Oversecured, pointed them out in an analysis. He spent two weeks investigating security flaws in these apps and uncovered seven potentially serious vulnerabilities during this time. These weaknesses may have led to serious privacy violations, with hackers gaining access to sensitive conversations on users’ devices.
He also stated that these issues might have enabled an attacker to view and update the victim’s contacts, calls, SMS/MMS, install arbitrary programs with device administrator permissions. Or also read and write data code on behalf of a system user, which might have changed the device’s setting.
List Of Vulnerabilities
Toshin released the vulnerabilities to Samsung in February 2021. The record of seven vulnerabilities is as follow:-
- CVE-2021-25356 – Managed Provisioning allows you to circumvent third-party authentication.
- CVE-2021-25388 – Knox Core has a vulnerability that allows any software to be installed at any time.
- CVE-2021-25390 – PhotoTable’s intent redirection
- CVE-2021-25391 – redirection of intent in the Secure Folder
- CVE-2021-25392 – Gives potential access to DeX’s notification policy file.
- CVE-2021-25393 – As a system user, you have read/write access to any file (affects the Settings app)
- CVE-2021-25397 – Arbitrary file write in TelephonyUI
Bounty Reward
Sergey Toshin had earned quite a sum of money from Samsung up to this time. First, Toshin got an enormous bounty ($5,460) for informing Samsung about a bug (CVE-2021-25393) in the Settings app that enabled acquiring read/write access to arbitrary folders with system user rights. Second, the third most expensive ($4,850) vulnerability in this February batch allowed uncontrolled file writing as a Telephony user with access to call records and SMS/MMS messages.
Toshin reported 550 above vulnerabilities in his whole career, earning over $ 1 million in bug bounties through the Hacker One platform and various bug bounty programs. He made roughly $30,000 this year alone after disclosing 14 problems to Samsung.
When Will These Issues Resolve?
In May, Samsung corrected the majority of these issues. Toshin, on the other hand, informed BleepingComputer that Samsung also fixed another set of seven problems that he reported through the company’s bug bounty program.
Samsung is yet to announce when the flaws will be corrected because the whole procedure might take up to two months. The organization must still conduct several patch testing to verify that it does not create more issues.
To eliminate any security threats, Samsung device owners are advised to install the most recent firmware upgrades from the business.
Rogue Logics provides in-depth security services for the assessment and protection of your application, data, and infrastructure against potential threats on-prem or in the cloud.
Want a consultation with the professionals at Rogue Logics, contact us and get a free quote.