Mobile security and privacy company Kryptowire has announced that it identified a serious security flaw in Samsung phones affecting devices running Android 9 through Android 12. Samsung has already been informed of the issue and the problem has since been fixed as part of the regular security updates the company provides, so be sure to check if you’ve still got any system updates pending on your Samsung phone.

The vulnerability allows malicious apps to gain access to protected functionality without users ever granting them any permissions at all; the user only has to run the app once. Bad actors can use it to factory reset phones, make phone calls, install and uninstall apps at will, undermine HTTPS connections to websites, and more. Kryptowire says that those are just some limited examples, so there might be much more.

The security issue in question resides within the pre-installed phone app that all Samsung handsets ship with. The phone app has privileged access to some underlying system features, but due to a flaw, it’s possible for other apps to hijack the phone app’s privileges.

So far, Kryptowire has tested the vulnerability on the Samsung Galaxy S21 Ultra, the S10+, and the A10e, though the company says that the list is not exhaustive and “simply meant to demonstrate that a range of Android versions, models, and builds are verified to be vulnerable.” It wouldn’t be surprising if all recent Samsung phones were affected by the issue. For what it’s worth, it seems like Samsung phones running older Android versions aren't hit. A Samsung Galaxy S8 running Android 8 wasn’t vulnerable to the attack, though the company says that it requires closer examination.

Samsung patched the vulnerability as part of its regular maintenance updates. The issue was resolved with the February 2022 security update, which has arrived on almost all recent Samsung phones already, including the Galaxy S9, which Samsung has just stopped supporting this week. Be sure to head to your phone’s system settings and make sure you’re on the latest system update.

Mobile phones are becoming an ever more lucrative target for hackers, and it's unclear how many more issues are out there, with the critical Dirty Pipe vulnerability publicly known and still pending a fix on some handsets. Always make sure you're up to date with security patches to be protected from the latest disclosed attacks.

We’ve reached out to Samsung for comment.