Esato

Samsung Android smartphones with huge security hole

17 December 2012 by
News Articles:

Technical details:
• Acer beTouch E140
• Samsung 4G LTE
• Samsung Ativ S
• Samsung Champ Neo Duos GT-C3262
• Samsung Galaxy Ace Plus
• Samsung Galaxy Beam
• Samsung Galaxy Fame
• Samsung Galaxy Fame Duos
• Samsung Galaxy Grand GT-I9080
• Samsung Galaxy Grand GT-I9082
• Samsung Galaxy Music
• Samsung Galaxy Music Dual
• Samsung Galaxy Nexus
• Samsung Galaxy Note
• Samsung Galaxy Note II
• Samsung Galaxy Pocket
• Samsung Galaxy Premier
• Samsung Galaxy R I9103
• Samsung Galaxy S Advance
• Samsung Galaxy S Duos S7562
• Samsung Galaxy S II
• Samsung Galaxy S II LTE
• Samsung Galaxy S II Plus
• Samsung Galaxy S II WiMAX ISW11SC
• Samsung Galaxy S III
• Samsung Galaxy S III Mini
• Samsung Galaxy S4
• Samsung Galaxy W
• Samsung Galaxy Xcover GT-S5690
• Samsung Galaxy Xcover II
• Samsung Galaxy Y Duos
• Samsung Galaxy Y Pro
• Samsung Galaxy Y Pro Duos
• Samsung Galaxy Young
• Samsung Galaxy Young Duos
• Samsung Omnia W
• Samsung Rex 60
• Samsung Rex 70
• Samsung Rex 80
• Samsung Rex 90
• Samsung Star 3
• Samsung Star 3 DUOS
• Samsung T-mobile Sidekick 4G
• Samsung Wave 3
• Samsung Wave M
• Samsung Wave Y S5380
• Sony Ericsson W8 Walkman

From the forum:
A critical security hole has been found in many of the latest Android smartphones from Samsung such as the Galaxy S III, Galaxy S II and Note 2. The vulnerability allows any installed app to gain root access

Samsung Galaxy S II security hole

The security hole was found and announced this weekend by a member of the XDA community. The security vulnerability allows installed apps to gain direct access to all physical memory on many of Samsung's best-selling Android devices. The vulnerability affect Samsung devices powered by the 4210 and 4412 Exynos system chip. Some of the possibly affected devices are Galaxy S II, Galaxy Tab 7, Galaxy Note, Galaxy Tab, Meizu MX, Galaxy S III, Galaxy Note 10.1, Lenovo K860 and Galaxy Note II. These are all powered by the Exynos 4 Dual or Exynos 5 Quad SoC.

The vulnerability allows any app to access any data as root meaning all data on the phone will be available to the app. Samsung has not made any official statement about the issue, so you will not find any solution to the problem there. But a temporarily path has been release by another XDA member. This fix will make the camera app unusable, so it might not be the solution for everyone.




Alternatively post this in the Esato forum


Please sign in to your Esato account to leave a comment regarding this article

Member name

Password
Tsepz_GP6 years, 8 months ago
There's already a patch to fix this that does not require root access:
http://project-voodoo.org/art[....]ty-no-root-required-reversible
and Samsung are investigating it:
www.phonearena.com/news/Samsu[....]-review-Exynos-exploit_id37771

Back to news headlines