The Cybersecurity Lair™ • May 7, 2024

Latest News | Security Bulletin: Samsung Patches 25 Vulnerabilities in Mobile Devices

Samsung Fortifies Mobile Devices Against Code Execution and Privilege Escalation Attacks

Samsung has announced the patching of 25 vulnerabilities in its mobile devices to address potential code execution and privilege escalation attacks. These vulnerabilities, disclosed in Samsung's latest security bulletin, could allow attackers to execute arbitrary code or escalate privileges on the affected devices. Samsung's proactive response includes patches for these vulnerabilities in its May 2024 Security Maintenance Release (SMR). Specific vulnerabilities patched include an authentication bypass in the Setupwizard, an improper access control issue in the multitasking framework, an improper authentication vulnerability in Samsung’s Secure Folder, and memory corruption issues in SveService, among others. Samsung has urged users to update their devices to the latest version to benefit from these security enhancements, available through regular firmware update channels.


Important Events:


  • Samsung announced the patching of 25 vulnerabilities in its mobile devices.
  • The vulnerabilities could lead to code execution and privilege escalation attacks.
  • Samsung included patches for these vulnerabilities in its May 2024 Security Maintenance Release (SMR).
  • Specific vulnerabilities patched include authentication bypass, improper access control, improper authentication, and memory corruption issues.
  • Samsung urged users to update their devices to the latest version to benefit from security enhancements.


CVE Notes Affecting This Device:


  • CVE-2024-20866 (SVE-2023-1778): Authentication bypass vulnerability in the Setupwizard.
  • CVE-2024-20855 (SVE-2023-2193): Improper access control issue in the multitasking framework.
  • CVE-2024-20856 (SVE-2023-2265): Improper authentication vulnerability in Samsung’s Secure Folder.
  • CVE-2024-20861 (SVE-2024-0092) and CVE-2024-20862 (SVE-2024-0096): Memory corruption issues in SveService.
  • CVE-2024-20865 (SVE-2024-0234): Authentication bypass in the bootloader.
  • CVE-2024-20864 (SVE-2024-0357): Improper access control vulnerability in DarManagerService.


Technical Analysis:


The vulnerabilities addressed involve authentication bypass, improper access control, improper authentication, and memory corruption issues. These vulnerabilities could be exploited by attackers to execute arbitrary code or escalate privileges on Samsung mobile devices. The patches implemented by Samsung aim to fix these vulnerabilities by enforcing stricter access controls, removing unnecessary internet access, adding proper verification checks, and addressing memory corruption issues.


Mitigation:


Users are advised to update their Samsung mobile devices to the latest version to benefit from the security enhancements and patches provided by Samsung. Updates are available through regular firmware update channels, and users can apply them by navigating to the software update section in their device settings.
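For anyone responsible for more than a handful of devices, "update to the latest version" is easier to enforce with a fleet check than by opening Settings on each phone. The following is an added example (not from the bulletin, GBHackers or Samsung) that parses the `[key]: [value]` output of Android's `getprop` command, as returned by `adb shell getprop`, and flags devices whose `ro.build.version.security_patch` property is older than the May 2024 SMR. It assumes that the May 2024 SMR sets that property to `2024-05-01`; the device serials and property dumps are constructed samples, and a device with a missing or malformed patch level is reported as unknown rather than silently passed.

```python
"""Flag devices whose Android security patch level predates the May 2024 SMR.

Added example for this bulletin; it is not Samsung's code. The fleet data
below is constructed, not captured from real devices.
"""
import re
from datetime import date

# Assumption: the May 2024 Security Maintenance Release sets the Android
# security patch level to 2024-05-01 (the property is real; the date is assumed).
REQUIRED_PATCH_LEVEL = "2024-05-01"

# Regex for one line of `getprop` output: "[ro.some.key]: [value]"
PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]: \[(?P<value>[^\]]*)\]$")

# Constructed sample: serial -> raw `adb -s <serial> shell getprop` output.
SAMPLE_FLEET = {
    "SERIAL-A-CONSTRUCTED": (
        "[ro.product.model]: [SM-CONSTRUCTED-1]\n"
        "[ro.build.version.security_patch]: [2024-05-01]\n"
        "[ro.build.version.release]: [14]\n"
    ),
    "SERIAL-B-CONSTRUCTED": (
        "[ro.product.model]: [SM-CONSTRUCTED-2]\n"
        "[ro.build.version.security_patch]: [2024-03-01]\n"
    ),
    "SERIAL-C-CONSTRUCTED": (
        "[ro.product.model]: [SM-CONSTRUCTED-3]\n"
        "[ro.build.version.security_patch]: [unknown]\n"
    ),
    "SERIAL-D-CONSTRUCTED": "[ro.product.model]: [SM-CONSTRUCTED-4]\n",
}


def parse_getprop(text):
    """Turn raw getprop output into a dict; lines that do not match are skipped."""
    props = {}
    for line in text.splitlines():
        m = PROP_LINE.match(line.strip())
        if m:
            props[m.group("key")] = m.group("value")
    return props


def parse_patch_level(value):
    """Parse a YYYY-MM-DD patch level; return None if absent or malformed."""
    if not value:
        return None
    try:
        return date.fromisoformat(value)
    except ValueError:
        return None


def patch_status(props, required=REQUIRED_PATCH_LEVEL):
    """Return 'patched', 'needs-update' or 'unknown' for one device's properties."""
    level = parse_patch_level(props.get("ro.build.version.security_patch"))
    if level is None:
        return "unknown"
    return "patched" if level >= date.fromisoformat(required) else "needs-update"


def audit_fleet(fleet, required=REQUIRED_PATCH_LEVEL):
    """Map every serial to its patch status so stragglers can be listed."""
    return {serial: patch_status(parse_getprop(raw), required)
            for serial, raw in fleet.items()}


if __name__ == "__main__":
    for serial, status in sorted(audit_fleet(SAMPLE_FLEET).items()):
        print(f"{serial}: {status}")
```

Devices reported as `needs-update` or `unknown` are the ones to chase; `unknown` deliberately covers the missing-property and malformed-value cases so that a broken dump never reads as compliant.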


Source and further reading:


Baran, G. (2024, May 7). Multiple Samsung mobile devices flaw let attackers execute arbitrary code. GBHackers on Security. https://gbhackers.com/25-flaws-patched-samsung/amp

Dutta, T. S. (2023, October 25). Samsung Galaxy S23 hacked at Pwn2Own Toronto 2023. GBHackers on Security. https://gbhackers.com/pwn2own-toronto-2023/#google_vignette

Samsung Mobile Security. (n.d.). Security updates. https://security.samsungmobile.com/securityUpdate.smsb