:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/V7XGS2OYXFC6BAQYW6IUK4SCVE.jpg)
The Threat Analysis Group of Google (TAG) has analyzed a “partial exploitation chain” of three vulnerabilities present in the devices Samsung that use the 4.14.113 kernel and the Exynos processor, which the South Korean firm generally targets the European and African markets.
This sample of spyware is linked to an unidentified “commercial surveillance provider” and was being actively used in 2020 in the Galaxy S10, A50 and A51 phone modelswhen it was identified as a JNI native library file, belonging to an application that TAG was unable to obtain.
LOOK: How do malicious apps manage to bypass Google Play’s security controls?
The three vulnerabilities were corrected in March 2021and are registered as CVE-2021-25337, CVE-2021-25369 and CVE-2021-25370, as the technology company clarifies on the Project Zero blog.
The first gives access to the content of the Samsung’s own clipboard service, allowing a malicious application to read and modify some files. The second, meanwhile, exposes sensitive kernel information while the third can corrupt memory in the DPU controller, giving read and modify access to the kernel.
Source: Elcomercio
I have worked as a journalist for over 10 years and have written for various news outlets. I currently work as an author at 24 News Recorder, mostly covering entertainment news. I have a keen interest in the industry and enjoy writing about the latest news and gossip. I am also a member of the National Association of Journalists.
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/QSWVGHQ62VC5NNO7RZSH4QRR44.jpg)
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/JTIN5PZW35HHVJ3LSMKY6L7YOM.jpg)
:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/AHSTQJANDZH2TFVSF5LT5FVSM4.jpg)
