Samsung Pre-Installed Apps can be utilized by Hackers to Spy on Users

Multiple serious security flaws have been discovered in Samsung’s pre-installed Android apps which, if exploited successfully, could have allowed an attacker to access personal data without the user’s consent and take control of the device.

What are the critical issues on Samsung devices?

Since the start of this year, Sergey Toshin, founder of Oversecured, a company specialising in mobile app security, has discovered more than a dozen vulnerabilities affecting Samsung devices.

“The impact of these flaws could have permitted an attacker to access and edit the infected user’s personal data like contacts, calls, SMS/MMS, install inconsistent apps with device executive rights, or write and read arbitrary files on the side of a system user which could change the device’s setting,” the founder of mobile security startup Oversecured said in research published on Thursday.

Toshin reported the bugs to Samsung in February 2021, and the manufacturer addressed them as part of its monthly security updates for April and May.

The list of seven vulnerabilities is as follows:

  • CVE-2021-25356: Third-party authentication bypass in Managed Provisioning
  • CVE-2021-25388: Arbitrary app installation vulnerability in Knox Core
  • CVE-2021-25390: Intent redirection in PhotoTable
  • CVE-2021-25391: Secure Folder redirection
  • CVE-2021-25392: Possible to access the notification policy file of DeX
  • CVE-2021-25393: Possible read/write access to arbitrary files as a system user, affecting the Settings app
  • CVE-2021-25397: Arbitrary file write in TelephonyUI

The impact of these bugs is that a threat actor could exploit them to install arbitrary third-party apps, obtain device admin rights to delete other installed applications or steal critical files, read or write arbitrary files as a system user, and even perform privileged actions.

More than 17 bugs discovered

The researcher has collected around $30,000 from Samsung since the start of the year for reporting 14 issues. The remaining three vulnerabilities are still pending.

For seven of the already reported bugs, which earned $20,690 in bug bounties, Toshin also provides technical details and proof-of-concept (PoC) exploitation recommendations. He found the flaws in pre-installed apps on Samsung devices using the Oversecured scanner, which he built specifically to help with this kind of work.

It is unclear when the fixes will reach users, because the process commonly takes about two months owing to the testing needed to ensure a patch does not cause other problems. Toshin has reported all three remaining security vulnerabilities and is currently waiting to receive the bounties.

In a proof-of-concept (PoC) demo, Oversecured showed that it was possible to leverage the intent redirection bugs in PhotoTable and Secure Folder to steal the apps’ permissions to access the SD card and read the contacts stored on the phone.
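To show what the intent-redirection class of bug looks like in application code, here is an added illustration (not Samsung’s, PhotoTable’s or Oversecured’s code; the `ForwardingActivity` class and the `next_intent` extra name are assumed). The first method shows the unsafe pattern; the second refuses to forward an Intent that would only be reachable through the app’s own privileges and strips the URI grant flags an attacker would rely on.

```java
import android.app.Activity;
import android.content.Intent;
import android.content.pm.ResolveInfo;

// Hypothetical Activity that receives a nested Intent from another app and
// launches it on the caller's behalf.
public class ForwardingActivity extends Activity {
    private static final String EXTRA_NEXT = "next_intent"; // assumed extra name

    // Unsafe pattern: the embedded Intent is launched exactly as supplied, so
    // the untrusted caller inherits this app's permissions and can reach
    // components that are not exported to it.
    private void forwardUnchecked() {
        Intent next = getIntent().getParcelableExtra(EXTRA_NEXT);
        if (next != null) {
            startActivity(next);
        }
    }

    // Hardened pattern: resolve the target first and forward only to exported
    // components outside this app, with URI grant flags removed so the
    // forwarding app's content access is not lent to the destination.
    private void forwardChecked() {
        Intent next = getIntent().getParcelableExtra(EXTRA_NEXT);
        if (next == null) {
            return;
        }
        ResolveInfo info = getPackageManager().resolveActivity(next, 0);
        if (info == null || info.activityInfo == null) {
            return; // nothing legitimate to forward to
        }
        boolean targetsOwnPackage =
                getPackageName().equals(info.activityInfo.packageName);
        if (targetsOwnPackage || !info.activityInfo.exported) {
            return; // would only be reachable through our privileges: refuse
        }
        next.removeFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION
                | Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
        startActivity(next);
    }
}
```

Reviewing exported components for the unchecked pattern is the practical audit step; the hardened method is the shape of the fix rather than the specific patch Samsung shipped.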

Similarly, by exploiting CVE-2021-25397 and CVE-2021-25392, a threat actor could overwrite the file containing SMS or MMS messages with malicious content and hijack data from the user’s notifications.

Samsung device owners are strongly advised to install the latest firmware updates from the company to mitigate these security risks.
