Security researchers at Kryptowire have apparently discovered a serious vulnerability in Samsung Galaxy smartphones. It is tracked as CVE-2022-22292 and affects all devices running Android 9 through 12.
Attackers can cause considerable damage to smartphones through the vulnerability. Criminals could potentially reset the entire device using the elevated privileges of the phone app, which would mean losing all data such as photos or videos. Attackers are also said to be able to use the vulnerability to initiate calls from the victim’s phone without being noticed, which could be very costly in some cases.
According to Kryptowire, attackers could also install so-called root certificates on the smartphones without the user’s knowledge. This means that otherwise secure HTTPS connections can be weakened, which could be used for further attacks on the devices.
It is not clear whether attackers have already exploited the vulnerability. The security researchers note that the bug was reported to Samsung in late 2021 and was fixed in February this year. Users should therefore check whether they have updated their smartphone since then. If not, it is recommended to update the device as soon as possible.