If you have a Samsung Galaxy smartphone then update now. If you don’t, you risk having someone install an application on your smartphone and you won’t even notice. From there, I think you can imagine well what could happen. This alert arrives because flaws were discovered in the Galaxy Store application. That said, the vulnerabilities were found by researchers from the NCC Groupa well-known cybersecurity company, between November 23 and December 3, 2022. However, it was classified under the code name CVE-2023-21433.
Alert! If you have a Samsung Galaxy smartphone, update now!
The CVE number helps investigators keep track of the flaw or vulnerabilities. However when this problem is fixed the mention with this code will appear in the list of changes. In addition to the problem I mentioned above, there is a second flaw, which was attributed to CVE-2023-21434, and it allows attackers to run JavaScript on a Galaxy smartphone. That is, this code execution is also not very good.
As per the research report, the intruder can easily allow bad actors to access personal data, which can also result in app crash. Due to these vulnerabilities in the Galaxy Store app, an intruder can install any app on the user’s Samsung phone without their knowledge, and poses a huge security risk.
The good news is that the Samsung has already released an updated version that fixes both vulnerabilities. That is, a quick response from the Korean giant.
However, there is a catch. It’s just that not all devices can get the latest version from Galaxy Store. Anyway, if you have a Galaxy device running Android 13, then CVE-2023-21433 is unable to exploit your device. This is thanks to the security features of the operating system.
Anyway, what really matters is that Samsung has released a new version 4.5.49.8 of the Galaxy Store and announced the correction of vulnerabilities. Therefore, if you have not yet updated the application, we suggest that you do so immediately.