Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution By Orbit Brain January 24, 2023 0 193 views House › Cellular SafetySamsung Galaxy Retailer Flaws Can Result in Undesirable App Installations, Code ExecutionBy Ionut Arghire on January 23, 2023TweetCybersecurity agency NCC Group has shared particulars on two vulnerabilities in Samsung’s Galaxy Retailer that may very well be exploited to put in purposes or execute JavaScript code by launching an online web page.Another app market, the Galaxy Retailer comes pre-installed on Samsung’s Android gadgets and can be utilized alongside Google Play to obtain and set up software program.Tracked as CVE-2023-21433, the primary of the vulnerabilities that NCC Group has recognized might permit rogue purposes on a tool to obtain and set up further software program from the Galaxy Retailer, with out the person’s data.The problem is described as an improper entry management flaw, the place the app retailer contained an exported exercise that failed to securely deal with incoming intents. The bug, NCC explains, solely impacted gadgets working Android 12 and older.The second vulnerability, CVE-2023-21434, is described as an improper enter validation difficulty that would permit an area attacker to execute JavaScript code by launching an online web page.“It was discovered {that a} webview inside the Galaxy App Retailer contained a filter which restricted which domains that webview might browse to. Nevertheless, the filter was not correctly configured, which might permit the webview to browse to an attacker-controlled area,” NCC Group explains.The vulnerability will be exploited by tapping a malicious URL in Chrome or a pre-installed rogue utility, which might bypass present URL filtering.The cybersecurity agency has revealed proof-of-concept (PoC) code for each these vulnerabilities.The safety defects have been reported to Samsung in November and December 2022. Each points have been addressed in Galaxy Retailer model 4.5.49.8.House owners of Samsung gadgets working Android 12 or under are suggested to replace to the most recent model of Galaxy Retailer as quickly as doable.Associated: VMware Warns of Exploit for Latest NSX-V VulnerabilityAssociated: CISA Warns of Assaults Exploiting Latest Atlassian Bitbucket VulnerabilityAssociated: Owl Labs Patches Extreme Vulnerability in Video Conferencing UnitsGet the Every day Briefing Most LatestMost LearnApple Patches WebKit Code Execution FlawsThoma Bravo to Purchase Magnet Forensics in Billion-Greenback DealMicrosoft Invests Billions in ChatGPT-maker OpenAISamsung Galaxy Retailer Flaws Can Result in Undesirable App Installations, Code ExecutionNSA Publishes Safety Steerage for Organizations Transitioning to IPv6Majority of GAO’s Cybersecurity Suggestions Not Applied by Federal CompaniesCorporations Impacted by Latest Mailchimp Breach Begin Notifying ClientsMississippi Creates New Cyber Unit, Names 1st DirectorFBI Chief Says He is ‘Deeply involved’ by China’s AI ProgramIn-the-Wild Exploitation of Latest ManageEngine Vulnerability CommencesIn search of Malware in All of the Improper Locations?First Step For The Web’s subsequent 25 years: Including Safety to the DNSTattle Story: What Your Pc Says About YouBe in a Place to Act By way of Cyber Situational ConsciousnessReport Exhibits Closely Regulated Industries Letting Social Networking Apps Run Rampant2010, A Nice 12 months To Be a Scammer.Do not Let DNS be Your Single Level of FailureEasy methods to Establish Malware in a BlinkDefining and Debating Cyber WarfareThe 5 A’s that Make Cybercrime so EnticingEasy methods to Defend Towards DDoS AssaultsSafety Budgets Not in Line with ThreatsAnycast – Three Causes Why Your DNS Community Ought to Use ItThe Evolution of the Prolonged Enterprise: Safety Methods for Ahead Pondering OrganizationsUtilizing DNS Throughout the Prolonged Enterprise: It’s Dangerous EnterpriseSecurityWeek PodcastShare this:FacebookXPrintEmailLinkedInRedditTwitterTumblrPinterestTelegramWhatsApp application code execution CVE-2023-21433 CVE-2023-21434 Galaxy App Store PoC Samsung vulnerability Orbit Brainhttps://orbitbrain.com/ Orbit Brain is the senior science writer and technology expert. Our aim provides the best information about technology and web development designing SEO graphics designing video animation tutorials and how to use software easy waysand much more. Like Best Service Latest Technology, Information Technology, Personal Tech Blogs, Technology Blog Topics, Technology Blogs For Students, Futurism Blog.
South Korea Fines Google, Meta Over Privacy ViolationsIntroducing the Cyber Security News South Korea Fines Google, Meta Over Privacy Violations.... September 15, 2022 Cyber Security News
Musk’s Latest Reason to Drop Twitter Deal – Whistleblower PaymentIntroducing the Cyber Security News Musk’s Latest Reason to Drop Twitter Deal – Whistleblower Payment.... September 10, 2022 Cyber Security News
SOHO Routers in North America and Europe Targeted With ‘ZuoRAT’ MalwareIntroducing the Cyber Security News SOHO Routers in North America and Europe Targeted With ‘ZuoRAT’ Malware.... July 1, 2022 Cyber Security News
Ransomware Operator Abuses Anti-Cheat Driver to Disable AntivirusesIntroducing the Cyber Security News Ransomware Operator Abuses Anti-Cheat Driver to Disable Antiviruses.... August 26, 2022 Cyber Security News
Black Hat USA 2022 – Announcements SummaryIntroducing the Cyber Security News Black Hat USA 2022 – Announcements Summary.... August 12, 2022 Cyber Security News
Cybersecurity Growth Investment Flat, M&A Activity Strong for 2022Introducing the Cyber Security News Cybersecurity Growth Investment Flat, M&A Activity Strong for 2022.... July 29, 2022 Cyber Security News
Pantera Capital Plans $250M Solana (SOL) Buy, Analyst Predicts Record Rally Toward $1000March 8, 2024 76
Ethereum Blockchain Now Has A Modernized Version of Bitcoin (BTC) But With A Much Lower SupplyMarch 9, 2024 71