在十多天前,安全分析团队 Project Zero 披露了 Exynos Modem 内有多个 0-day 漏洞,当中四个漏洞可以让骇客轻松地访问受影响的手机,并取得控制权。0-day 漏洞是指厂商之前不知道的缺陷。
这些漏洞是在 2022 年底至 2023 年初期间发现的,其中四个允许进行从互联网到基带遥距执行程式码,其余十四个被定为较不严重,因为需要透过网络商和骇客直接存装置。其中涉及较严重的漏洞,攻击者只需要知道某人的电话号码就就能利用,并在远程和静默的情况下破坏受害者的手机。Project Zero 研究团队建议仍然存在漏洞的手机用户应停用 Wi-Fi 语音和 VoLTE(Voice-over-LTE)。
Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number.
根据三星网站,这些漏洞存在于其 Exynos Modem 5123 和 Exynos Modem 5300,以及 Exynos 980 和 Exynos 1080 芯片中。
– Samsung Galaxy S22, M33, M13, M12, A71, A53, A33, A21s, A13, A12 and A04 series
– Vivo S16, S15, S6, X70, X60 and X30 series
– Google Pixel 6, Pixel 7 series
Google Samsung 陆续推出安全更新
Google 方面已着手为 Pixel 6、Pixel 6 Pro、Pixel 6a、Pixel 7 和 Pixel 7 Pro 发布安全更新修补这些漏洞。至于 Samsung 方面,在美国 Samsung Community Forum 上星期一位 Community Manager 就贴文表示,上述 Exynos Modem 中发现的六个漏洞中有五个在三月得到了修补,剩下的漏洞将在下个月进行修补。
Hello, We understand the concern of vulnerabilities. Samsung takes the safety of our customers very seriously. After determining 6 vulnerabilities may potentially impact select Galaxy devices, of which none were ‘severe’, Samsung released security patches for 5 of these in March. Another security patch will be released in April to address the remaining vulnerability.
