NCC Group’s security researchers discovered two security flaws in the Galaxy Store, the app store that ships with Samsung’s Android smartphones and tablets. Both vulnerabilities have since been patched, but the fix only takes effect once the Galaxy Store app itself has been updated on the device.
The first vulnerability, CVE-2023-21433, is caused by improper access control in the Galaxy Store and allows a malicious app to install other apps on a user’s device without the user’s knowledge or consent. Two limits apply: the app being installed must already be available through the Galaxy Store, and the issue only affects devices running Android 12 and earlier. Samsung Galaxy devices upgraded to Android 13 are not affected.
The root cause is an exported activity in the Galaxy App Store that does not validate the intents it receives. Because the activity is exported, any other app installed on the same Samsung device can send it an intent and trigger the installation of any app listed on the Galaxy App Store, with no user interaction.
The impact is limited because the attacker can only install apps that are already hosted in the Galaxy Store rather than arbitrary code of their own, but silent installation of any listed app is still a real weakening of the device’s trust boundary and worth fixing.
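Unprotected exported components are the general bug class behind this issue. The following is an added example, not code from NCC Group or Samsung, showing how to audit an AndroidManifest.xml for components that are reachable by other apps and carry no `android:permission` guard. The manifest it parses is constructed for illustration (the package and component names are hypothetical and are not the Galaxy Store’s). It applies the platform rule that a component without an explicit `android:exported` attribute is exported if and only if it declares an intent filter (providers default to exported only below targetSdk 17; from targetSdk 31 the attribute is mandatory for components with filters).

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
COMPONENT_TAGS = ("activity", "activity-alias", "service", "receiver", "provider")

# Constructed sample manifest for this example only; NOT the Galaxy Store's real manifest.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.store">
  <uses-sdk android:targetSdkVersion="30" />
  <application>
    <!-- explicitly exported, no permission: any app on the device can start it -->
    <activity android:name=".DetailActivity" android:exported="true">
      <intent-filter>
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <data android:scheme="examplestore" />
      </intent-filter>
    </activity>
    <!-- no exported attribute but has an intent filter: implicitly exported below targetSdk 31 -->
    <activity android:name=".InstallActivity">
      <intent-filter>
        <action android:name="com.example.store.INSTALL" />
      </intent-filter>
    </activity>
    <!-- exported but guarded by a permission: only holders of that permission can reach it -->
    <activity android:name=".AdminActivity" android:exported="true"
              android:permission="com.example.store.permission.ADMIN" />
    <!-- private component -->
    <activity android:name=".SettingsActivity" android:exported="false" />
    <service android:name=".DownloadService">
      <intent-filter>
        <action android:name="com.example.store.DOWNLOAD" />
      </intent-filter>
    </service>
  </application>
</manifest>
"""


def attr(elem, name):
    """Read an attribute from the android: namespace."""
    return elem.get("{%s}%s" % (ANDROID_NS, name))


def is_exported(elem, target_sdk):
    """Apply Android's exported rules to a manifest component element."""
    explicit = attr(elem, "exported")
    if explicit is not None:
        return explicit.lower() == "true"
    if elem.tag == "provider":
        # Content providers defaulted to exported only for targetSdk < 17.
        return target_sdk < 17
    # Other components: implicitly exported iff they declare an intent filter.
    # (From targetSdk 31 this is a manifest error, but flag it anyway if seen.)
    return elem.find("intent-filter") is not None


def unprotected_exported_components(manifest_xml):
    """Return (tag, name, 'explicit'|'implicit') for exported components with no permission."""
    root = ET.fromstring(manifest_xml)
    uses_sdk = root.find("uses-sdk")
    target_sdk = 1
    if uses_sdk is not None and attr(uses_sdk, "targetSdkVersion"):
        target_sdk = int(attr(uses_sdk, "targetSdkVersion"))
    findings = []
    for elem in root.find("application"):
        if elem.tag not in COMPONENT_TAGS:
            continue
        if not is_exported(elem, target_sdk):
            continue
        if attr(elem, "permission"):
            continue  # reachable only by apps holding that permission
        how = "explicit" if attr(elem, "exported") is not None else "implicit"
        findings.append((elem.tag, attr(elem, "name"), how))
    return findings


if __name__ == "__main__":
    for tag, name, how in unprotected_exported_components(SAMPLE_MANIFEST):
        print("%-14s %-20s exported (%s), no android:permission" % (tag, name, how))
```

Every component this reports is an entry point that untrusted apps on the same device can drive, so each one needs either a permission guard, `android:exported="false"`, or code that treats every extra in the incoming intent as attacker-controlled. Run it against a manifest pulled from an APK with apktool (the binary manifest inside an APK must be decoded to text XML first).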
Both security flaws are addressed in Galaxy Store version 22.214.171.124, which is now available; users should confirm their device has received that update.