Google Pixel 9 with 20% discount!

Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors

By
30comments
Google News Follow
Follow us on Google News
Samsung Android
Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors
Some of Samsung's flagship devices are affected - Major exploit found in Samsung models using Exynos 4210 and Exynos 4412 processors
Some of Samsung's flagship devices are affected
Bad news for those owning some of Samsung's flagship devices like the Samsung Galaxy S III and the Samsung GALAXY Note II. According to XDA member alephazin, Samsung devices with the Exynos 4210 or 4412 processor are vulnerable to being controlled through any Android app. The opening, he says, is dangerous and could expose the phone to apps designed to create havoc. In theory, memory could be wiped or phones could be bricked.

Another XDA member named Chainfire has devised a one click root-method using the exploit. Samsung has been notified about the situation and we wouldn't be surprised to find the Korean based manufacturer sending out a patch soon to close this opening.

In the meantime, here is a list of devices that could be affected. Samsung Galaxy S II (GT-I9100), Samsung Galaxy S III (GT-I9300), Samsung Galaxy S III LTE (GT-I9305), Samsung GALAXY Note (GT-N7000), Samsung GALAXY Note II (GT-N7100), Samsung GALAXY Note II Verizon-Locked Bootloader (SCH-I605), Samsung GALAXY Note 10.1 (GT-N8000), Samsung Galaxy Note 10.1 (GT-N8010).

A developer named Supercurio has come up with an instant fix, which needless to say, you use at your own risk. You can find the site, called Project Voodoo, by clicking on this link.

"Hi,

Recently discover a way to obtain root on S3 without ODIN flashing.
The security hole is in kernel, exactly with the device /dev/exynos-mem.

This device is R/W by all users and give access to all physical memory … what’s wrong with Samsung ? […]

The good news is we can easily obtain root on these devices and the bad is there is no control over it.

Ram dump, kernel code injection and others could be possible via app installation from Play Store. It certainly exists many ways to do that but Samsung give an easy way to exploit. This security hole is dangerous and expose phone to malicious apps. Exploitation with native C and JNI could be easily feasible."-alephazin, XDA

source: XDA, TheNextWeb, via AndroidAuthority
Create a free account and join our vibrant community
Register to enjoy the full PhoneArena experience. Here’s what you get with your PhoneArena account:
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Build your personal phone library
Register For Free
https://m-cdn.phonearena.com/images/users/39-200/Alan-F.jpg
Alan Friedman Senior News Writer
Alan, an ardent smartphone enthusiast and a veteran writer at PhoneArena since 2009, has witnessed and chronicled the transformative years of mobile technology. Owning iconic phones from the original iPhone to the iPhone 15 Pro Max, he has seen smartphones evolve into a global phenomenon. Beyond smartphones, Alan has covered the emergence of tablets, smartwatches, and smart speakers.

Recommended Stories

Loading Comments...

Popular stories

T-Mobile gift goes up in smoke, teaching everyone an important lesson
T-Mobile gift goes up in smoke, teaching everyone an important lesson
Leak reveals T-Mobile will accept trades in any condition for super iPhone 16, Galaxy S24 deal
Leak reveals T-Mobile will accept trades in any condition for super iPhone 16, Galaxy S24 deal
T-Mobile shares crash following comments made by CEO Mike Sievert
T-Mobile shares crash following comments made by CEO Mike Sievert
T-Mobile finally confirms rumors about T Life app
T-Mobile finally confirms rumors about T Life app
Third-party USB-C cables can wipe out your financial accounts before you know there's a problem
Third-party USB-C cables can wipe out your financial accounts before you know there's a problem
AT&T and Verizon are withholding crucial information from over a million customers
AT&T and Verizon are withholding crucial information from over a million customers

Latest News

Google Pixel 10 series will reportedly debut with MediaTek modem, ditching Qualcomm
Google Pixel 10 series will reportedly debut with MediaTek modem, ditching Qualcomm
Apple reportedly targets 2028 as the year its very large foldable iPad with almost no crease arrives
Apple reportedly targets 2028 as the year its very large foldable iPad with almost no crease arrives
Ex-Metro rep turns whistleblower and reveals schemes that allegedly defraud customers (UPDATE)
Ex-Metro rep turns whistleblower and reveals schemes that allegedly defraud customers (UPDATE)
In the EU, Apple will stop selling these iPhone models in approximately two weeks
In the EU, Apple will stop selling these iPhone models in approximately two weeks
The Pixel Phone app has new audio emoji for the holidays and a new location for the video call icon
The Pixel Phone app has new audio emoji for the holidays and a new location for the video call icon
AT&T shuts down its messaging apps prematurely and deletes cloud backups
AT&T shuts down its messaging apps prematurely and deletes cloud backups
FCC OKs Cingular\'s purchase of AT&T Wireless