Security researchers at Google's Project Zero have discovered multiple 0-day vulnerabilities in Samsung Semiconductor's Exynos modems, some of which can potentially allow remote code execution. Tim Willis, a researcher from Project Zero, has revealed that a total of 18 vulnerabilities have been discovered, with four of them being particularly severe.

These four vulnerabilities allow for Internet-to-baseband remote code execution, which means that an attacker can remotely compromise a device at the baseband level without the need for user interaction.

The vulnerabilities affect a wide range of devices, including mobile devices from Samsung, Vivo, and Google, wearables that use the Exynos W920 chipset, and vehicles that use the Exynos Auto T5123 chipset. While patch timelines are expected to vary by manufacturer, users can protect themselves from the baseband remote code execution vulnerabilities by turning off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. End-users are also encouraged to update their devices as soon as possible to ensure that they are running the latest builds that fix both disclosed and undisclosed security vulnerabilities.

Delaying Disclosures

Project Zero has decided to delay the disclosure of the four most severe vulnerabilities because disclosing them would potentially benefit attackers significantly more than defenders. The remaining fourteen vulnerabilities have either been publicly disclosed or will be publicly disclosed if they remain unfixed after 90 days. Security researchers are urging users to stay vigilant and take steps to protect their devices until security updates are available.

