Nepalitelecom is a website that provides the latest telecom news, information, and offers in Nepal.
Do follow us on our FB, Twitter to get the latest posts.
Nepalitelecom is a website that provides the latest telecom news, information, and offers in Nepal.
Do follow us on our FB, Twitter to get the latest posts.
Project Zero team of Google is pleading with Pixel 6 and 7 users and many other phones to disable VoLTE and VoWiFi due to the issue found on the Samsung Exynos modem. The supposed vulnerabilities have likely affected some Samsung phones and wearables too.
The team found 18 separate vulnerabilities in Exynos modems in the latter half of 2022 and early 2023. Four of them are considered highly risky with one of them being CVE-2023-24033 which consists of the internet-to-baseband remote code execution.
Likewise, various news outlets have mentioned that these vulnerabilities let an attacker breach into the phone’s system at the baseband level and compromise its data without the handset owner even knowing anything.
Of the 18, 14 others are not treated as severely risky because the team said, they “require either a malicious mobile network operator or an attacker with local access to the device.”
Samsung Semiconductor says the following chipsets are affected:
Meanwhile, Google made a list of devices that might have been affected due to the same issue:
Galaxy Watch 4, and 5 are also the other devices that could have the same issue.
Do note that for Pixel phones, the CVE-2023-24033 vulnerability received its fix with the March 2023 security patch. However, the Pixel 6, 6 Pro, and 6a have yet to see that March update and are currently vulnerable. Project Zero’s advice for those impacted follows:
The Project Zero team has suggested users that they can turn off VoLTE and VoWiFi on their devices to avoid the baseband remote code execution in Exynos chipsets. Users can resort to this measure until a patch becomes available.
“Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. Turning off these settings will remove the exploitation risk of these vulnerabilities.”
Project 0 team, Google
Do you use any device that has an Exynos modem mentioned above? Do comment below to share your concern and possible fix.
Follow us on Facebook, Twitter, and Viber to get the latest news, and information about Nepal Telecom, Ncell, Smart Cell, ISPs, mobile apps, and phones in Nepal.
Comments are closed.
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More