These security flaws could allow hackers to install whatever they want in the Samsung Galaxy App Store
SAMSUNG patched two vulnerabilities in the mobile apps market that could allow threat actors to install any app on a target mobile device without the device owner’s knowledge or agree.
Cybersecurity researchers from NCC Corporation discovered the vulnerabilities at the end of December 2022 and informed Samsung that the company had released a patch (version 4.5.49.8) on January 1st. year 2023.
Now, almost a month after the vulnerability was resolved, the researchers have published the technical details and the proof-of-concept (PoC) exploit code.
Install malicious apps
The first vulnerability tracked was CVE-2023-21433, an inappropriate access control vulnerability that could be used to install applications on a target endpoint. The second vulnerability, tracked as CVE-2023-21434, described as an incorrect input validation vulnerability, can be used to execute malicious JavaScript on a targeted device.
While local access is necessary to exploit both vulnerabilities, for skilled criminals that should not be a problem. The researchers demonstrated the vulnerabilities by installing the Pokemon Go app, a globally popular geolocation game based on the Pokemon world.
The researchers confirmed that while Pokemon Go is a benign app, the vulnerabilities could have been used for more sinister purposes. In fact, threat actors may have used them to gain access sensitive information (opens in a new tab) or crash mobile apps.
It should also be mentioned that Samsung devices running Android 13 are not vulnerable, even if their devices still carry an older, vulnerable version of the Galaxy Store.
This is due to additional security measures introduced in the latest version of the popular mobile OS.
However, according to figures from AppBrain, only 7% of all Android devices are using the latest version, while unsupported versions of Android (9.0 Pie and above) account for about 27% of all Android devices. Android market share.
Via: BleepingComputer (opens in a new tab)