Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access

The Galaxy App Retailer, the official cell app retailer obtainable on Samsung units, has two vulnerabilities, which, if exploited, might permit menace actors to put in a malicious software with out the person ever figuring out it is taken place.

The problem solely impacts units with Android 12 and decrease, in accordance with an evaluation from NCC Group.

The primary vulnerability, tracked as CVE-2023-21433, lets attackers set up purposes from the Galaxy App Retailer. The second, tracked as CVE-2023-21434, might let attackers launch a Net area they management and execute JavaScript, the NCC Group report on the bugs defined.

Samsung has launched an up to date model of the Galaxy App Retailer (model 4.5.49.8),” NCC Group’s Ken Gannon said. “Customers ought to open the Galaxy App Retailer on their cellphone, and, if prompted, obtain and set up the most recent model.”

Sustain with the most recent cybersecurity threats, newly-discovered vulnerabilities, information breach data, and rising tendencies. Delivered day by day or weekly proper to your e mail inbox.

Source

Leave a Reply

Your email address will not be published. Required fields are marked *