Some Samsung or Pixel phones can be compromised by hackers using only your phone number

Share This Post

This bug was fixed in the March security update that the Pixel 7 series had. However, the Pixel 6 series does not yet have this feature, and Google says that users using unpatched devices should turn off VoLTE and Wi-Fi calling. devices are affected silently and remotely.” In other words, users could have made their devices compromised and potentially even without knowing it, and it seems that some attackers can also easily find and exploit that device.

The vulnerabilities were discovered in late 2022 and early 2023, and four of the eighteen vulnerabilities are considered the most critical because they allow remote code execution with just the victim’s phone number. Only one of the most severe exploits has a publicly specified Common Vulnerability and Exposure (CVE) number, with Google withholding several CVEs associated with this vulnerability in a rare exception. for the normal error disclosure protocol.

As for the main exploit for which we have information, CVE-2023-24033, its description simply states that affected baseband modem chipsets “fail to properly check the specified format types.” specified by the SDP (Session Description Protocol) module, which may result in a denial of service error.” Denial of service in this context usually means that an attacker could remotely lock your phone and prevent you from using it, although no further details were provided. Fourteen other vulnerabilities (CVE-2023-26072, CVE-2023-26073, CVE-2023-26074, CVE-2023-26075, CVE-2023-26076, and nine more pending CVE) are not as severe but still risk to the end user. To be exploited successfully, they require “a malicious mobile network operator or an attacker with local access to the device”.

For users waiting for the update and using an affected device, make sure to disable VoLTE and Wi-Fi calling for now. If the March security update is available but you haven’t, it might be time to update.

Read More:

Partnership Between Mitsubishi Electric and Nozomi Networks Strengthens Operational Technology Security Business

Mitsubishi Electric and Nozomi Networks Partnership Mitsubishi Electric and Nozomi...

Solidion Technology Inc. Completes $3.85 Million Private Placement Transaction

**Summary:** 1. Solidion TechnologyInc. has announced a private placement deal...

Analyzing the Effects of the EU’s AI Act on Tech Companies in the UK

Breaking Down the Impact of the EU’s AI Act...

Tech in Agriculture: Roundtable Discusses Innovations on the Ranch

Summary of Tech on the Ranch Roundtable Discussion: ...

Are SMEs Prioritizing Tech Investments Over Security Measures?

SMEs Dive Into Tech Investments, But Are...

Spotify Introduces Music Videos for Premium Members in Chosen Markets

3 Summaries of Spotify Unveils Music Videos for Premium...

Shearwater to Monitor Production at Equinor’s Two Oil Platforms

Shearwater GeoServices secures 4D monitoring projects from Equinor for...

Regaining Europe’s Competitive Edge in Innovation: Addressing the Innovation Lag

Europe’s Innovation Lag: How Can We Regain Our Competitive...

Related Posts

Government Warns of AI-Generated Content: Learn More about the Issue

Government issued an advisory on AI-generated content. All AI-generated content...

Africa Faces Internet Crisis: Extensive Outage Expected to Last for Months, Hardest-Hit Nations Identified

Africa’s Internet Crisis: Massive Outage Could Last Months, These...

FTC Investigates Reddit for AI Content Licensing Practices

FTC is investigating Reddit's plans...

Journalists Criticize AI Hype in Media

Summary Journalists are contributing to the hype and...