There are serious Samsung flaws been found by the bounty hunters. Samsung is currently working on a fix for a couple of bugs affecting its mobile devices, which could allow hackers to spy on users and in some cases even take over the entire system.
The cybersecurity firm oversecured founder, Sergey Toshin, who claims there are “more than a dozen” of these vulnerabilities in Samsung’s mobile devices, several of which originated through bloatware (applications that come pre-installed with the device but aren’t required for Android to run).
While some issues are less dangerous, allowing attackers to steal SMS messages from the target device (only by tricking the victim, it was added), others are stealthier and more dangerous. These often require no action from the victim, and could enable the attacker to read/write arbitrary files with heightened permissions.
In other instances, Toshin found that third-party apps could obtain device admin rights, but at the expense of deleting all other apps from the device. This particular bug, which was patched in April this year, impacted the Managed Provisioning app, and has gotten the CVE-2021-25356 tracking number.
Users are advised to update their devices’ firmware regularly. They can do so by navigating to Settings > Software Update, and pressing Check for updates. If there are any updates available, they’ll show on that screen