Samsung Exynos wireless modules vulnerable to Internet-based attack

Google Project Zero researchers have discovered 18 vulnerabilities in Samsung Exynos 5G/LTE/GSM modems regarding the identification system. Four of the bugs, under the CVE-2023-24033 banner, could enable hackers to control the wireless module with only a victim’s phone number, making it possible to achieve code at the BaseBand chip level. The cyber attack creates minimal impact on the user and can go unnoticed. A small additional study would enable an attacker to prepare for a working exploit, allowing them to access the wireless module remotely. The remaining 14 vulnerabilities are of a lower danger level, which necessitates an attacker to gain infrastructure access of the mobile operator or local access to the device.

The CVE-2023-24033 vulnerability, together with the correction in the Google Pixel firmware March update, has been resolved, leaving out only the remaining incidence of abnormalities, which haven’t been fixed. These bugs affect devices equipped with Exynos chips, including Samsung smartphones, Vivo, Google Pixel, wearable Exynos W920 devices, and automobile systems with Exynos Auto T5123 chips. Experts recommend disabling the VOLTE (Voice-Over-LTE) support in the Wi-Fi call support settings until manufacturers can fix the issue.

Due to the immediate danger posed by the vulnerabilities and the possibility of a rapid exploit, Google has excluded some rules, postponing disclosure of the problems’ essence. For the four most dangerous issues, the search engine has determined a timetable to disclose details 90 days from the notification to manufacturers. A schedule will also be followed for disclosing the remaining vulnerabilities. The CVE 2023-26072, CVE-2023-26073, CVE-2023-26074, CVE-2023-26075, and CVE-2023-26076 information vulnerabilities are already available in the error tracking system. For the remaining nine, 90 days of waiting have yet to expire. The CVE-2023-2607* vulnerabilities are caused by the encoding of specific lists and options in the NRMMMMSGCODEC and NRSMPCODEC codecs, which overwhelms the buffer during decoding.

To help preserve security, manufacturers should quickly address and eliminate these vulnerabilities.

/Reports, release notes, official announcements.