According to the information in Shiftdelete, New security vulnerabilities have emerged in Samsung Galaxy.
Cybersecurity firm NCC Group has warned phone users against hackers.
He stated that there are two critical vulnerabilities in the Galaxy Store application on Galaxy smartphones. It was stated that hackers can infiltrate the smartphone and install the application they want thanks to these vulnerabilities.
The first vulnerability, identified as CVE-2023-21433, allows attackers to install any application without the user’s knowledge.
The second vulnerability, CVE-2023-21434, allows attackers to run any web code they want.
UNCONFIGURABLE FILTER
Security researchers have found that the Galaxy Store contains an improperly configured filter. That is, tapping a malicious link in the app pre-installed on the Samsung device can bypass the URL filter and launch an attacker-controlled web code.
APPLICATION MAY FAIL
According to the researchers’ statements, these vulnerabilities can lead malicious people to access the personal data of device owners and crash the application.
Attackers can send requests to the Galaxy Store by instructing them to install apps. This request, sent to the store, also provides attackers with more options by providing information on whether the app was opened after installation.
