Researchers have discovered severe security flaws in the Samsung Galaxy Store application. These vulnerabilities put millions of users, including those who use Samsung phones, tablets, smart TVs, and wearables, at risk of cyberattacks. The security flaws were found in the application, which is used to download apps and games from the Samsung Galaxy Store. According to the researchers, the security flaws could allow attackers to inject malicious code, execute remote code, and perform man-in-the-middle attacks, which could lead to the leak of sensitive information.
Furthermore, the researchers found that the application was not properly configured, allowing attackers to bypass device security measures and gain access to user data. This could then be used to launch various cyberattacks. The researchers also discovered that Samsung's authorization mechanism was vulnerable to a "rollback attack" which could allow attackers to bypass security measures.
The researchers have decided to tell Samsung about the vulnerabilities before disclosing them to the public, giving the tech giant time to patch the security flaws and protect users from potential cyberattacks. Samsung has since released an update to address the security flaws.
Security experts are recommending that all users, whether they use Samsung products or not, take steps to secure their devices and prevent attackers from being able to exploit any vulnerabilities. Additionally, users should always install the latest security updates and patches and be aware of any malicious apps or programs that may be hiding malicious software. By taking a few simple precautions, users can protect themselves from becoming victims of cybercrime.
This Cyber News was published on securityaffairs.com. Publication date: Thu, 26 Jan 2023 10:39:02 +0000