Google Researcher Discovers Zero-Click Vulnerability in Samsung Devices
Cybersecurity researchers have disclosed details of a critical security vulnerability in the Monkey’s Audio (APE) decoder used on Samsung smartphones. The flaw, which has since been patched, could enable code execution on affected devices.
The vulnerability, identified as CVE-2024-49415 with a CVSS score of 8.1, impacts Samsung devices running Android 12, 13, and 14.
According to Samsung’s advisory released in December 2024, the issue stems from an “out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1,” which could allow remote attackers to execute arbitrary code. The patch includes enhanced input validation to address the flaw.
Natalie Silvanovich, the Google Project Zero researcher who discovered and reported the vulnerability, described it as zero-click: it can be triggered with no interaction from the user. She also referred to it as a “fun new attack surface” under specific conditions.
The flaw is particularly concerning for devices configured with Google Messages’ Rich Communication Services (RCS) feature, the default setting for Galaxy S23 and S24 phones. In these cases, the transcription service decodes incoming audio locally before user interaction, creating an exploitable condition.
Silvanovich explained that the vulnerability lies in the saped_rec function in libsaped.so, which writes to a buffer allocated by the C2 media service. The buffer size is typically 0x120000, but the function can write up to three times that size if the input has a 24-byte-per-sample configuration. This makes it possible for a malicious APE file with a large blocksperframe value to overflow the buffer significantly.
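As an added illustration (not code from libsaped, Samsung, or the Project Zero report), this is the kind of bounds check that the advisory's “enhanced input validation” implies: compute the decoded size of a frame from its header fields and compare it against the fixed 0x120000-byte output buffer before writing anything. The header layout, field names and function names are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Size of the decoder's output buffer, as quoted in the article (0x120000 bytes). */
#define OUT_BUF_SIZE 0x120000u

/* Constructed frame header: a hypothetical layout, not libsaped's real structures. */
typedef struct {
    uint32_t blocks_per_frame; /* untrusted field read from the APE container */
    uint32_t channels;
    uint32_t bytes_per_sample; /* 24-bit audio occupies 3 bytes per sample */
} ape_frame_hdr;

/* Compute the decoded byte count of one frame without wrapping size_t.
 * Returns false if a field is zero or the multiplication would overflow. */
bool frame_output_size(const ape_frame_hdr *h, size_t *need)
{
    if (h->channels == 0 || h->bytes_per_sample == 0) return false;
    uint64_t samples = (uint64_t)h->blocks_per_frame * h->channels;
    if (samples > SIZE_MAX / h->bytes_per_sample) return false;
    *need = (size_t)(samples * h->bytes_per_sample);
    return true;
}

/* Hardened decode step: the check against the destination size that an
 * unchecked write path lacks. Returns 0 on success, -1 if the frame is
 * rejected. The real sample reconstruction is replaced by memset here. */
int decode_frame_checked(const ape_frame_hdr *h, uint8_t *dst, size_t dst_len)
{
    size_t need;
    if (!frame_output_size(h, &need)) return -1;
    if (need > dst_len) return -1; /* would run past the end of the output buffer */
    memset(dst, 0, need);
    return 0;
}

/* Wrapper that decodes into a fixed buffer of the size named in the article. */
int decode_into_fixed_buffer(const ape_frame_hdr *h)
{
    static uint8_t out[OUT_BUF_SIZE];
    return decode_frame_checked(h, out, sizeof out);
}

int main(void)
{
    ape_frame_hdr ok  = { 0x60000u,  1, 2 }; /* 0xC0000 bytes: fits */
    ape_frame_hdr bad = { 0x120000u, 1, 3 }; /* 0x360000 bytes: three times the buffer */
    printf("benign frame:    %s\n", decode_into_fixed_buffer(&ok)  == 0 ? "decoded" : "rejected");
    printf("oversized frame: %s\n", decode_into_fixed_buffer(&bad) == 0 ? "decoded" : "rejected");
    return 0;
}
```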
In a potential attack scenario, an adversary could send a specially crafted audio message via Google Messages to a device with RCS enabled, causing the media codec process (samsung.software.media.c2) to crash.
In addition to this flaw, Samsung’s December 2024 security update addressed another high-severity vulnerability, CVE-2024-49413 (CVSS score: 7.1), in SmartSwitch. This issue could allow local attackers to install malicious applications by exploiting improper cryptographic signature verification.