Millions of Samsung phones reportedly shipped with a major security flaw

Millions of Samsung phones reportedly shipped with a major security flaw

Trending 7 months ago 45
samsung logo

Oliver Cragg / Android Authority

TL;DR

  • Security researchers astatine Tel Aviv University successful Israel recovered a important information flaw successful respective Samsung phones.
  • The institution reportedly shipped implicit 100 cardinal devices with this flaw.

Samsung is usually beauteous punctual with information updates for its phones, but according to a caller report, the institution shipped implicit 100 cardinal devices with a large information flaw.

Researchers astatine Tel Aviv University successful Israel recovered (via SamMobile) that respective Samsung Galaxy S8, Galaxy S9, Galaxy S10, Galaxy S20, and Galaxy S21 models went to marketplace with a information loophole that could person allowed hackers to bargain delicate accusation specified arsenic passwords.

The study claims that the phones did not store their cryptographic keys properly. The vulnerability was recovered successful the TrustZone Operating System (TZOS) that runs alongside Android for security-sensitive functions connected Samsung phones. The responsibility laic with the implementation of the cryptographic functions wrong the TZOS.

You tin find the details of however the information researchers reverse-engineered the flaw here.

So however were you affected? Well, the occupation remained hidden until recently. Anyone with 1 of the aforementioned models could person been targetted with the exploit. However, there’s nary grounds of the same.

The bully quality is that Samsung has already patched the issues. Security researchers notified the OEM erstwhile they archetypal discovered the problem. A hole was rolled retired with the August 2021 information patch. The October 2021 information update besides addressed a consequent vulnerability.