Android users beware! Project Zero, Google’s security research unit, has raised the alarm over vulnerabilities it found in dozens of Android models, wearables and certain chips in vehicles. Tim Willis, head of Project Zero, noted that tests have confirmed that the four vulnerabilities allow an attacker to remotely compromise a phone with no user interaction, requiring only the attacker to know the victim’s phone number.
Security vulnerabilities can endanger users’ information and privacy. Finally, a new one has been added to the vulnerability news. According to Tech Crunch, Google’s security research unit Project Zero has been alarmed by a series of vulnerabilities it has found in dozens of Android models, wearables and certain chips in vehicles.
18 ZERO-DAY VULNERABILITY!
“Testing by Project Zero confirms that these four vulnerabilities allow an attacker to remotely compromise a baseband-level phone with no user interaction, requiring the attacker to know only the victim’s phone number,” said Willis.
GET NEARLY UNLIMITED ACCESS!
According to Project Zero, the affected devices include about a dozen Samsung models, Vivo devices, and Google’s own Pixel 6 and Pixel 7 phones. Affected devices include wearables and vehicles that use these chips to connect to the cellular network.
The South Korean company confirmed in a March 2023 security list that several modems are vulnerable, affecting several Android device manufacturers.
Project Zero researcher Maddie Stone shared on Twitter that the company has 90 days to fix the bugs but hasn’t fixed it yet.
It’s rare to see Google sound the alarm before critical vulnerabilities are patched.
According to what was reported, an attacker gains the ability to remotely execute code at a device’s baseband level (essentially modems that convert cell signals into digital data), gaining virtually unlimited access to data entering and leaving an affected device, including cellular calls, text messages, and cellular data without alerting the victim. can achieve.
“Testing by Project Zero confirms that these four vulnerabilities allow an attacker to remotely compromise a baseband-level phone with no user interaction, requiring the attacker to know only the victim’s phone number,” said Willis.
Project Zero head Tim Willis said in a blog post that in-house security researchers have found and reported 18 zero-day vulnerabilities in modems manufactured by a South Korean company over the past few months. These include the four most severe vulnerabilities that could “silently and remotely” compromise affected devices over the cellular network.
JUST KNOW THE PHONE NUMBER
COMPANY CONFIRMED
According to what was reported, an attacker gains the ability to remotely execute code at a device’s baseband level (essentially modems that convert cell signals into digital data), gaining virtually unlimited access to data entering and leaving an affected device, including cellular calls, text messages, and cellular data without alerting the victim. can achieve.
