One of the XDA users, dubbed as alephzain claims to have discovered a vulnerability in multiple Samsung devices that gives admission to all physical memory. With the potential risk being enormous as the attackers could effortlessly and quietly wipe data and brick devices via malicious apps, there is a ground for panic.
The devices that are vulnerable according to the mentioned user are those featuring an Exynos processor (4210 and 4412) and use Samsung kernel sources. The incomplete list of such smartphones include: Samsung Galaxy S III, Samsung Galaxy S II, Galaxy Note II, the Meizu MX, and potentially other devices.
The Korean Giant has not yet confirmed the issue, while on the other hand, an APK file called ExynosAbuse that uses Alephzain’s exploit has already been created by a senior moderator who calls himself Chainfire. The original thread lists following devices that are compatible with the file: Samsung Galaxy S2 GT-I9100, Samsung Galaxy S3 GT-I9300, Samsung Galaxy S3 LTE GT-I9305, Samsung Galaxy Note GT-N7000, Samsung Galaxy Note 2 GT-N7100, Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders), Samsung Galaxy Note 10.1 GT-N8000, and the Samsung Galaxy Note 10.1 GT-N8010.
The thing to note is that it’s not yet known whether any Android malware apps exploit this particular vulnerability. What's more, many devices are not damaged since they don’t have the right processor; for example, the Nexus 10 is not suited since it is powered by an Exynos 5 chip. Samsung has allegedly been informed about the XDA thread. Chainfire says he highlighted it for some Samsung engineers to read, making us think “that people at Samsung have just made aware of it.”
We think it'd be rational to once more recall how to stay protected on Android. What do you think of the potential threat that may endanger your private data? do not hesitate to share in the comments below.