Google warns users of Samsung Exynos zero-day vulnerabilitiessearchsecurity.techtarget.com
To prevent threat actors' from exploiting the unpatched attack vectors, Google Project Zero made an exception for four Exynos chipset flaws by extending its disclosure timeline.
- Arielle Waldman, News Writer
After discovering 18 Samsung Exynos Modem vulnerabilities, Google Project Zero veered from its standard disclosure policy for four of the zero-day flaws because public disclosure may have put users at significant risk.
In a blog post Thursday, Tim Willis, senior security engineering manager and head of Google Project Zero, described – but did not detail -- the 18 vulnerabilities that likely affect certain Samsung and Vivo mobile devices, the Pixel 6 and 7 series of devices from Google, and any vehicles that use the Exynos auto T5123 chipset. While there has been no active exploitation yet, Willis warned that four of the 18 flaws allowed for internet-to-baseband remote code execution (RCE).
Attacks exploiting those four flaws ...
Copyright of this story solely belongs to searchsecurity.techtarget.com . To see the full text click HERE