Get all your news in one place.
100’s of premium titles.
One app.
Start reading
Android Central
Android Central
Technology
Jay Bonggolto

Samsung fixes Wi-Fi calling vulnerabilities affecting recent Galaxy phones

The back of the burgundy Samsung Galaxy S22 Ultra

What you need to know

  • Samsung has rolled out security patches for several vulnerabilities affecting certain Exynos modems and chips.
  • The fix was released as part of the March 2023 security update.
  • The security flaws exposed recent Galaxy phones and other Android handsets to internet-to-baseband remote code execution.

Google recently uncovered a nasty bug in Samsung's Exynos modems that could let hackers take over your phones just by knowing your phone number. The South Korean tech giant has now confirmed that these security flaws have been fixed.

A Samsung community moderator has disclosed that the Exynos modem vulnerabilities have been patched as part of the March 2023 security update. The confirmation was made in response to a Samsung user who took to the company's community forum to report the Wi-Fi calling vulnerability (via Android Authority).

"After determining 6 vulnerabilities may potentially impact select Galaxy devices, of which none were 'severe', Samsung released security patches for 5 of these in March," the moderator wrote. "Another security patch will be released in April to address the remaining vulnerability."

It's quite interesting that the Samsung community manager claimed that none of the vulnerabilities were severe. Earlier this month, Google's Project Zero team revealed that out of 18 zero-day vulnerabilities in Samsung's Exynos modems, four were severe. Security researchers claimed that bad actors could exploit the flaws to remotely and silently take control of vulnerable devices.

The affected Exynos modems were found in many of the top Samsung phones, such as the Galaxy S22 series, the Galaxy A53, and older models. Google's recent flagship phones, including the Pixel 6 and Pixel 7 lineups, were affected as well, although the latter received a fix with the March update.

Recent Vivo models in the flagship and mid-range categories were also put at risk, as were wearable devices powered by an Exynos W920 chipset and vehicles that use the Exynos Auto T5123 processor.

If your phone or smartwatch is on the list of affected devices, you should download and install the latest security update, assuming it's live for you. Any remaining security bugs should be patched in April.

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.