Google has issued an alert on 18 specific insects found in the Android working gadget. These problems variety in severity from small flaws to major flaws that would allow hackers to get admission to non-public records or take control of a person’s tool.
In a weblog put up, Google Project Zero head Tim Willis stated that in-house security researchers determined and pronounced 18 zero-day vulnerabilities in Samsung Exynos modems over the previous few months, together with four excessive-severity flaws that might compromise affected gadgets “silently and remotely” over the cellular community.According to Project Zero, affected smartphones consist of kind of a dozen Samsung fashions, Vivo mobile phones, and Google’s very own Pixel 6 and Pixel 7 handsets. Wearables and automobiles that use Exynos processors to connect to the cell network are also affected.
One of the most serious insects recognized is a vulnerability in the Android system’s media framework that might permit attackers to remotely execute code on a centered tool. This worm, that’s exact as CVE-2022-4061, has a severity score of 9.8 out of 10, indicating a high stage of hazard.CVE-2022-4094 is every other essential vulnerability that influences the kernel of the Android system. This bug may allow attackers to get get entry to to touchy records or even take manipulate of a device through raising their privileges. The severity of this vulnerability is 7.8 out of 10.Other bugs recognized with the aid of Google include a vulnerability in the Android machine’s Wi-Fi module (CVE-2022-4111), a flaw in the Android gadget’s audio framework (CVE-2022-4113), and a bug within the Android gadget’s Bluetooth module (CVE-2022-4118). While these bugs aren’t considered as intense as the two critical vulnerabilities noted above, they nevertheless constitute ability protection dangers for Android customers.Google has released patches to deal with these insects, and users are strongly suggested to update their Android gadgets as quickly as feasible to make certain that they’re included in opposition to those vulnerabilities. However, now not all Android devices obtain well timed updates, so a few customers may additionally nevertheless be at risk until their device producer releases a patch.