Skip to main content
News

Kryptowire Identifies High Risk Security Vulnerability in Samsung Devices Running Android

April 5, 2022 – McLean, VA, United StatesKryptowire Inc., a mobile security and privacy solutions company, today announced it identified a serious security vulnerability (CVE-2022-22292) in Samsung devices running Android versions 9 through 12. The vulnerability, discovered using Kryptowire Mobile Application Security Testing (MAST), allowed local applications to mimic system-level activity and “hijack” critical  protected functionality. The vulnerability could give attackers the ability to initiate a factory reset (i.e., deleting all user data),  make phone calls (including to emergency numbers such as 911), install/uninstall apps, weaken HTTPS security by installing arbitrary root certificates, all from untrusted apps running in the background and without end-user approval.

“Ever think someone else has access to your phone? Unfortunately, you may be right,” said Alex Lisle, CTO of Kryptowire. “Mobile applications are becoming the primary point of personal and professional activity, representing an increasingly attractive target for bad actors.”

The CVE-2022-22292 vulnerability was disclosed to Samsung on November 27, 2021 and given a “High” severity rating by Samsung. Samsung patched the vulnerability in February 2022 as part of its ongoing Security Maintenance Release (SMR) process. The vulnerability resides in the pre-installed Phone app that executes with system privileges on Samsung devices running Android 9 through 12. The Phone app has an insecure component which allows local apps to perform privileged operations without user authorization.

To ensure end users and businesses deliver customers peace of mind, automated mobile security scanning must become common practice. As points of vulnerability and associated threats increase, a proactive security posture represents the most reliable way to protect personal and corporate data from bad actors – criminals who stand increasingly more to gain, and whose methods are becoming increasingly sophisticated.

Accordingly, developers and enterprises responsible for app development and security should consider implementing an appropriate solution before a major incident occurs, instead of as a reactive measure.

For more technical information on the Samsung Vulnerability visit: https://www.kryptowire.com/blog/start-arbitrary-activity-app-components-as-the-system-user-vulnerability-affecting-samsung-android-devices/

About Kryptowire MAST

Kryptowire Mobile Application Security Testing (MAST) allows app managers to scan for security, privacy, and compliance vulnerabilities using an automatic, cloud-based solution. In 2021, Kryptowire scanned over 3 billion lines of code across 70,000 applications, discovering over 500 vulnerabilities affecting approximately 2 billion devices.

About Kryptowire Inc.

Kryptowire is a leader in cloud-based mobile security and privacy solutions, delivering organizations and end-users the peace of mind that comes with intrusion-free mobile security. We enable organizations to scan mobile devices and applications for security, compliance, and other vulnerabilities without accessing source code, saving time and preserving privacy. Our mission is to make world-class mobile security available to more businesses and communities around the world.

Please visit www.kryptowire.com or connect with us on LinkedIn and Twitter (@kryptowire) for more information.

Media Contact
media@kryptowire.com

News

Kryptowire Identifies High Risk Security Vulnerability in Samsung Devices Running Android

April 5, 2022 – McLean, VA, United StatesKryptowire Inc., a mobile security and privacy solutions company, today announced it identified a serious security vulnerability (CVE-2022-22292) in Samsung devices running Android versions 9 through 12. The vulnerability, discovered using Kryptowire Mobile Application Security Testing (MAST), allowed local applications to mimic system-level activity and “hijack” critical  protected functionality. The vulnerability could give attackers the ability to initiate a factory reset (i.e., deleting all user data),  make phone calls (including to emergency numbers such as 911), install/uninstall apps, weaken HTTPS security by installing arbitrary root certificates, all from untrusted apps running in the background and without end-user approval.

“Ever think someone else has access to your phone? Unfortunately, you may be right,” said Alex Lisle, CTO of Kryptowire. “Mobile applications are becoming the primary point of personal and professional activity, representing an increasingly attractive target for bad actors.”

The CVE-2022-22292 vulnerability was disclosed to Samsung on November 27, 2021 and given a “High” severity rating by Samsung. Samsung patched the vulnerability in February 2022 as part of its ongoing Security Maintenance Release (SMR) process. The vulnerability resides in the pre-installed Phone app that executes with system privileges on Samsung devices running Android 9 through 12. The Phone app has an insecure component which allows local apps to perform privileged operations without user authorization.

To ensure end users and businesses deliver customers peace of mind, automated mobile security scanning must become common practice. As points of vulnerability and associated threats increase, a proactive security posture represents the most reliable way to protect personal and corporate data from bad actors – criminals who stand increasingly more to gain, and whose methods are becoming increasingly sophisticated.

Accordingly, developers and enterprises responsible for app development and security should consider implementing an appropriate solution before a major incident occurs, instead of as a reactive measure.

For more technical information on the Samsung Vulnerability visit: https://www.kryptowire.com/blog/start-arbitrary-activity-app-components-as-the-system-user-vulnerability-affecting-samsung-android-devices/

About Kryptowire MAST

Kryptowire Mobile Application Security Testing (MAST) allows app managers to scan for security, privacy, and compliance vulnerabilities using an automatic, cloud-based solution. In 2021, Kryptowire scanned over 3 billion lines of code across 70,000 applications, discovering over 500 vulnerabilities affecting approximately 2 billion devices.

About Kryptowire Inc.

Kryptowire is a leader in cloud-based mobile security and privacy solutions, delivering organizations and end-users the peace of mind that comes with intrusion-free mobile security. We enable organizations to scan mobile devices and applications for security, compliance, and other vulnerabilities without accessing source code, saving time and preserving privacy. Our mission is to make world-class mobile security available to more businesses and communities around the world.

Please visit www.kryptowire.com or connect with us on LinkedIn and Twitter (@kryptowire) for more information.

Media Contact
media@kryptowire.com