Google’s Project Zero team discovered multiple security flaws with Samsung Galaxy smartphones that could allow hackers to target devices easily.
All a hacker would need is the victim’s phone number, which can be used to compromise the phone without the user knowing anything is wrong.
“Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction and require only that the attacker know the victim's phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely,” Google said.
The devices affected are:
- Samsung Galaxy phones including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
- Vivo phones including those in the S16, S15, S6, X70, X60 and X30 series
- Google Pixel 6 and 6 Pro, Pixel 6a, Pixel 7 and 7 Pro
- Any wearables that use the Exynos W920 chipset
- Any vehicles that use the Exynos Auto T5123 chipset
Samsung is aware of the issue and is currently working on a fix.
However, until a solution is found, Google says users can protect themselves by turning off Wi-Fi calling in their device settings.
How to turn off Wi-Fi calling:
- Navigate to and open settings
- Tap connections
- Tap Wi-Fi calling
- Tap the switch to turn the feature off
- On some phones, you can also disable Wi-Fi calling from the Quick settings panel
- Swipe down from the top of the screen
- Tap the Wi-Fi calling icon to turn it off
To read Google’s full report, click here.