Samsung Galaxy Store flaws allowed attackers to install apps and more

You should immediately update the Galaxy Store on your Samsung smartphone and/or tablet, as a security flaw puts your device at risk.

NCC Group’s cybersecurity researchers discovered two major security flaws in the Galaxy Store, the app store that ships with Samsung’s Android smartphones and tablets. Both vulnerabilities have since been patched, but you must update the store to receive the fixes.

CVE-2023-21433, the first vulnerability, is caused by “improper access control” in the Galaxy Store and allows malicious parties to install apps on a user’s device without their knowledge. However, the app must be available through the Galaxy Store in the first place, and the issue only affects Android 12 and earlier – Samsung Galaxy devices upgraded to Android 13 are not affected.

The researchers found that the Galaxy App Store has an exported activity that does not handle incoming intents securely. This enables other apps installed on the same Samsung device to install any app available on the Galaxy App Store without the user’s knowledge.

The impact of this issue is relatively minor because it can only install apps from a relatively safe app store, but it is still important to fix.

CVE-2023-21434, another issue discovered by NCC Group, had the potential to cause problems as well. The webview filter in the Galaxy Store was not properly configured, allowing malicious domains to be accessed as long as they had similar elements to an approved URL. The main concern here was the possibility of JavaScript attacks being loaded.
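The difference between a loose URL filter and a strict one, as an added example that is not Samsung's or NCC Group's code. It assumes the flawed filter behaved like a substring match (the article only says lookalike URLs passed), and the host names are constructed placeholders.

```javascript
// Added illustration. Host names are constructed placeholders (reserved
// .example domains), not the Galaxy Store's real allowlist.
const APPROVED_HOSTS = new Set(["apps.store.example"]);

// Weak filter (assumed shape of the flaw): the URL only has to contain
// text that resembles an approved address.
function weakFilter(rawUrl) {
  return rawUrl.includes("apps.store.example");
}

// Hardened filter: parse first, then compare the exact host.
function strictFilter(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // unparseable input is never loaded
  }
  if (url.protocol !== "https:") return false;     // no cleartext or script schemes
  if (url.username || url.password) return false;  // rejects approved-host@other-host
  const host = url.hostname.replace(/\.$/, "");     // parser lower-cases; drop root dot
  return APPROVED_HOSTS.has(host);
}

// Constructed sample URLs: one legitimate, four lookalikes.
const SAMPLES = [
  "https://apps.store.example/detail?id=1",
  "https://apps.store.example.lookalike.example/",
  "https://lookalike.example/?ref=apps.store.example",
  "https://apps.store.example@lookalike.example/",
  "http://apps.store.example/detail?id=1",
];

// Returns one row per sample so the two filters can be compared.
function compareFilters(urls = SAMPLES) {
  return urls.map((u) => ({ url: u, weak: weakFilter(u), strict: strictFilter(u) }));
}

console.table(compareFilters());
```

The weak filter accepts all five samples, while the strict filter accepts only the first.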

Both of these security flaws have been addressed in Galaxy Store version, which is now available.

