The Exynos modems produced by Samsung are not free from problems. Researchers from Google’s Project Zero, which aims to identify 0-day flaws in our products and software, have announced that they have detected no less than 18 vulnerabilities in the Korean manufacturer’s chips in recent months.
Of these 18 flaws, the researchers indicate that four are quite critical, allowing an ill-intentioned person to take control of a smartphone without any interaction with the user, since the thugs only need to know the mobile number of this last. Three other flaws have yet to be classified, and the last eleven are considered much less problematic. Indeed, concerning these, Project Zero specifies that hackers should have local access to the device, which greatly limits their room for maneuver.
The list of infected smartphones is known
The names of Exynos or third-party chips that include a problematic Exynos modem are not mentioned by the researchers. On the other hand, the list of potentially affected models has been unveiled. At Samsung, it is the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 as well as the A04 and its 5G version that are problematic. At Vivo, we find the S16, S15, S6, X70, X60 and X30. Google is not spared, since the Pixel 6 and Pixel 7 series, equipped with chipsets Tensor, are affected. Finally, the Exynos W920 chips, which equip certain connected watches, and Exynos Auto T5123 are affected by the problem.
The blog post is nevertheless reassuring, since researchers from the Project Zero team indicate that the Pixel 6 and Pixel 7 ranges have already received a patch, included in their March security update. While waiting for other companies to correct these flaws, the team recommends a few tips to guard against possible attacks. She recommends disabling wifi calls (by following our tutorial backwards) as well as 4G calls (also called VoLTE) in your settings. A rather simple solution for the moment, and which should not affect the use of your smartphone too much.