samsung-exploits

Samsung Exynos 4412 Kernel Exploits Device: Samsung Galax...

EUVD-2019-7147

Malware in sbrugna...

Code injection

On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy BLE device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offer...

Unspecified Vulnerability in Samsung Mobile Devices (CNVD-2020-32823)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. A security vulnerability exists in Samsung mobile devices, which can be exploited by an attacker to successfully boot a Samsung Galaxy Note8 device with root...

Google Patches Critical Vulnerabilities in Android OS

Google patched six critical remote code execution flaws in its Android operating system as part of its October Android Security Bulletin. Four of those remote code execution flaws are tied to Android’s Media framework and impact a wide range of Android devices including Google’s Pixel and Nexus...

Wireless GUI Android Security Assessment: Hijacker

Hijacker is a Graphical User Interface for the penetration testing tools Aircrack-ng, Airodump-ng , MDK3 and Reaver . It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses. This application requires an ARM android device with an...

Critical "Same Origin Policy" Bypass Flaw Found in Samsung Android Browser

A critical vulnerability has been discovered in the browser app comes pre-installed on hundreds of millions of Samsung Android devices that could allow an attacker to steal data from browser tabs if the user visits an attacker-controlled site. Identified as CVE-2017-17692, the vulnerability is Sa...

CVE-2016-4030

Samsung SM-G920F build G920FXXU2COH2 Galaxy S6, SM-N9005 build N9005XXUGBOK6 Galaxy Note 3, GT-I9192 build I9192XXUBNB1 Galaxy S4 mini, GT-I9195 build I9195XXUCOL1 Galaxy S4 mini LTE, and GT-I9505 build I9505XXUHOJ2 Galaxy S4 devices have unintended availability of the modem in USB configuration...

Keyboard For Galaxy Note 3 - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Keyboard For Galaxy Note 3 published at the 'play' market has multiple vulnerabilities...

Two kind of vulnerabilities, you can make a billion Android phone is to obtain Root permissions-bug warning-the black bar safety net

Trend Micro reported that billions of Android device on the discovered vulnerabilities, an attacker by a simple operation to obtain root access. Currently on the market most of the smart devices are using the Qualcomm Snapdragon SoCs system chip, according to the company's official website...

Samsung Galaxy KNOX Android Browser Remote Code Execution Exploit

This Metasploit module exploits a vulnerability that exists in the KNOX security component of the Samsung Galaxy firmware that allows a remote webpage to install an APK with arbitrary permissions by abusing the 'smdm://' protocol handler registered by the KNOX component. The vulnerability has bee...

Towelroot : One-Click Android Rooting Tool Released By Geohot

Waiting for the root access for your AT&T or Verizon Android phone? Then there is really a Great News for you! Geohot aka George Hotz - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on...

Backdoor found in Samsung Galaxy Devices, allows Hackers to remotely access/modify Data

Google’s Android operating system may be open source, but the version of Android that runs on most phones, tablets, and other devices includes proprietary, closed-source components. Phone makers, including Samsung ships its Smartphones with a modified version of Android, with some pre-installed...

Samsung Galaxy Note II lock screen bypass vulnerability

iOS was in the news lately for a series of security mishaps, but this time android back in scene. A security flaw discovered by Terence Eden on the Galaxy Note II with Android 4.1.2 that allows hackers to briefly bypass the phone's lock screen without needing a password. By hitting "emergency cal...

Samsung Exynos芯片内核device /dev/exynos-mem本地权限提升漏洞

BUGTRAQ ID: 56955 Exynos是韩国三星电子基于ARM构架处理器品牌。 Samsung Exynos在内核设备/dev/exynos-mem内存在安全漏洞，此设备允许所有用户读写所有物理内存，导致攻击者获取系统的root访问权限。/dev/exynos-mem用于图形处理，例如照相机、图形内存分配、hdmi等。多个设备受到影响：Samsung Galaxy S2、Samsung Galxy Note 2、MEIZU MX、所有嵌入了exynos处理器（4210和4412）的设备。有3个库使用了/dev/exynos-mem：...

CVE-2012-6422

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...

Code injection

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...

CVE-2012-6422

The CVE-2012-6422 entry concerns the kernel on certain Android devices (Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly others) using weak permissions (0666) on /dev/exynos-mem when running an Exynos 4210/4412, enabling an attacker to read or write arbitrary physical memory and achieve p...

CVE-2012-6422

The kernel in Samsung Galaxy S2, Galaxy Note 2, MEIZU MX, and possibly other Android devices, when running an Exynos 4210 or 4412 processor, uses weak permissions 0666 for /dev/exynos-mem, which allows attackers to read or write arbitrary physical memory and gain privileges via a crafted...