x PhoneArena is looking for new authors! To view all available positions, click here.
  • Home
  • News
  • Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors

Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors

Posted: , by Alan F.

Tags:

Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors
Some of Samsung's flagship devices are affected

Some of Samsung's flagship devices are affected

Bad news for those owning some of Samsung's flagship devices like the Samsung Galaxy S III and the Samsung GALAXY Note II. According to XDA member alephazin, Samsung devices with the Exynos 4210 or 4412 processor are vulnerable to being controlled through any Android app. The opening, he says, is dangerous and could expose the phone to apps designed to create havoc. In theory, memory could be wiped or phones could be bricked.

Another XDA member named Chainfire has devised a one click root-method using the exploit. Samsung has been notified about the situation and we wouldn't be surprised to find the Korean based manufacturer sending out a patch soon to close this opening.

In the meantime, here is a list of devices that could be affected. Samsung Galaxy S II (GT-I9100), Samsung Galaxy S III (GT-I9300), Samsung Galaxy S III LTE (GT-I9305), Samsung GALAXY Note (GT-N7000), Samsung GALAXY Note II (GT-N7100), Samsung GALAXY Note II Verizon-Locked Bootloader (SCH-I605), Samsung GALAXY Note 10.1 (GT-N8000), Samsung Galaxy Note 10.1 (GT-N8010).

A developer named Supercurio has come up with an instant fix, which needless to say, you use at your own risk. You can find the site, called Project Voodoo, by clicking on this link.

"Hi,

Recently discover a way to obtain root on S3 without ODIN flashing.
The security hole is in kernel, exactly with the device /dev/exynos-mem.

This device is R/W by all users and give access to all physical memory … what’s wrong with Samsung ? […]

The good news is we can easily obtain root on these devices and the bad is there is no control over it.

Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible."-alephazin, XDA

source: XDA, TheNextWeb, via AndroidAuthority

30 Comments
  • Options
    Close




posted on 16 Dec 2012, 22:55 4

1. wendygarett (unregistered)


That's why you shouldn't be so wild to root your device my fellow fandroids :)

posted on 16 Dec 2012, 23:02 18

3. true1984 (Posts: 591; Member since: 23 May 2012)


actually this was built into the system.it has nothing to do with rooting. samsung released the phone with a security flaw

posted on 16 Dec 2012, 23:06 7

4. Droid_X_Doug (Posts: 5841; Member since: 22 Dec 2010)


Actually, a variation on rooting seems to be a way to plug the hole (until Sammy releases a patch)....

The vulnerability seems to exist regardless of whether the phone has been rooted. All you have to do is install a malicious app that contains code that does the exploit, and your phone belongs to the exploiter. Until a patch is released, I may be putting my phone on airplane mode while it charges overnight.

posted on 16 Dec 2012, 23:12 4

6. Dr.Phil (Posts: 914; Member since: 14 Feb 2011)


I wouldn't worry that much about it, but I would say you should go under your settings and change it so that your applications do not automatically update.

posted on 16 Dec 2012, 23:18 1

9. Droid_X_Doug (Posts: 5841; Member since: 22 Dec 2010)


I have been requiring manual updates to apps since I moved to Android back in 2010. Although there is some slight risk that malware was developed before the current publicity. Since my installed apps are from mainstream developers with at least 20,000 installs, I probably have limited (if non-existent) exposure.

posted on 16 Dec 2012, 23:09 1

5. Dr.Phil (Posts: 914; Member since: 14 Feb 2011)


Yes, and I believe that for the most part you would be safe just as long as you don't download or use any applications you suspect to exploit this security flaw. So, for instance, I don't think downloading and playing "Angry Birds" on your phone would open yourself up to this type of hacking. However, if you are the type to download applications from unknown or untrusted publishers then yeah you could have the potential of this happening.

posted on 16 Dec 2012, 23:16 1

8. sarb009 (Posts: 293; Member since: 15 Jun 2011)


Hey wendy i guess u are spoiled kid of a rich father who has nothing to do except posting stupid comments on phonearena all the day or u are a homeless person sitting near a free wifi spot who also has nothing to do. In both cases u should find a job

posted on 17 Dec 2012, 00:37

17. RaKithAPeiRiZ (Posts: 1350; Member since: 29 Dec 2011)


its the NWO

posted on 17 Dec 2012, 06:26

25. AamirSIII (banned) (Posts: 187; Member since: 04 Oct 2012)


dislikes to ur comment show how sound u and ur comment are...

posted on 17 Dec 2012, 10:37

27. PhenomFaz (Posts: 1082; Member since: 26 Sep 2012)


dude get a life!

posted on 17 Dec 2012, 22:45

28. networkdood (Posts: 6273; Member since: 31 Mar 2010)


wendy, you really need to know what you are talking about.

posted on 16 Dec 2012, 22:57 1

2. darkskoliro (Posts: 984; Member since: 07 May 2012)


Maybe they shouldnt have posted the news, now all the hackers know. Should have just sent it in and got it patched asap

posted on 16 Dec 2012, 23:13 1

7. Droid_X_Doug (Posts: 5841; Member since: 22 Dec 2010)


Somehow, I suspect desire for attention on finding the exploit won out over prudence (notify Sammy and publicize the finding after a patch was released).

posted on 16 Dec 2012, 23:23

11. phil2n (Posts: 473; Member since: 30 Apr 2012)


Flaw!, Flaw! .. or it is a Flue

posted on 16 Dec 2012, 23:22

10. joey_sfb (Posts: 2977; Member since: 29 Mar 2012)


Its always good to alert users so they can be more mindful their actions. User need to install the dangerous app which sound like any malware to me. And to code one just for samsung phone is a lack of forth sight to me.

posted on 16 Dec 2012, 23:32

14. Droid_X_Doug (Posts: 5841; Member since: 22 Dec 2010)


"And to code one just for samsung phone is a lack of forth sight to me."

How so? Between the 2 model CPUs involved, there has to be at least a couple of million vulnerable devices. Sounds like a target-rich environment to me.

posted on 16 Dec 2012, 23:27 3

12. Joshing4fun (Posts: 1047; Member since: 13 Aug 2010)


Couldn't this be good in some way? Like used for good, not evil?

posted on 16 Dec 2012, 23:30 12

13. MeoCao (unregistered)


This is why Android is strong, it has the backing of an enthusiastic community.

Good job XDA

Hopefull SS will have the patch soon.

posted on 16 Dec 2012, 23:33 2

15. wendygarett (unregistered)


The stronger the android, the more evil the malwares are, you cannot ran away from malware tho, especially in ANDROID!!

posted on 17 Dec 2012, 00:03 9

16. MeoCao (unregistered)


LOL, we prefer this to weak iOS and weak malware.

posted on 17 Dec 2012, 01:48 3

18. rusticguy (Posts: 2828; Member since: 11 Aug 2012)


How big was the "security update" in 2010 as far as Apple was concerned? Security by obscurity is M$ ways of claiming that system is more secure than others

There's a bitdefender article on Apple security in 2010 :)

posted on 17 Dec 2012, 02:38 1

19. groupsacc (Posts: 232; Member since: 28 Feb 2012)


It'd be a good idea to stop installing any apps or even updating existing apps till this is fixed.

Seems like an easy fix, just by removing the offending R/W permission. Samsung should release an apk to run this permission removal as a script asap.

posted on 17 Dec 2012, 02:56

20. bloodline (Posts: 691; Member since: 01 Dec 2011)


samsung will be quick to update

posted on 17 Dec 2012, 03:06 1

21. XaErO (Posts: 150; Member since: 25 Sep 2012)


Well, there is one BAD news and one GOOD.

1. BAD NEWS - Any app can take over the Root level access.
Samsung shall take care of this in upcoming days. So just be cautious while installing any new app even from Google Play store and look-out for the official patch from Samsung.

2. GOOD NEWS - You can root your device using this exploit.
Root your mobile device using the app developed by "Chainfire" (based on this vulnerability) with just one click. It is named as "ExynosAbuse v1.10". It is completely hassle free. This can be useful for those who can take some Risk but do not want to get into tedious "rooting" process.

posted on 17 Dec 2012, 04:31

22. someones4 (Posts: 619; Member since: 16 Sep 2012)


Apparently, this thing is for real...Was browsing the internet and an application installed itself and just bricked up my phone. lost all my data.
Anyone knows how to retrieve deleted data? i seldom perform backups

posted on 17 Dec 2012, 04:49

23. wendygarett (unregistered)


If you have dropbox, your photo and pictures will be safe, because dropbox will auto upload all your photo once your data is opened...

That's all I can help, the rest you need to ask someone elae, sorry my friends

posted on 18 Dec 2012, 07:58

30. bluescreen (Posts: 154; Member since: 22 Nov 2012)


sounds more like u were surfing porn sites and got hit by a virus lmao....sucks, trying to choke the chicken and they choked ur phone instead!!!

posted on 17 Dec 2012, 05:11

24. redmd (Posts: 895; Member since: 26 Oct 2011)


so how does this affect our everyday use of the phone?

posted on 17 Dec 2012, 08:36 1

26. mariosraptor (Posts: 110; Member since: 15 Mar 2012)


i believe Apple is behind every malware for Android. they leak them to attract people to ios

posted on 17 Dec 2012, 22:46

29. networkdood (Posts: 6273; Member since: 31 Mar 2010)


wouldn't that be something - however...this is all just fiction.

Want to comment? Please login or register.

Latest stories