Affiliate links on Android Authority may earn us a commission. Learn more.
Hackers can take over out-of-date Samsung phones
- Samsung smartphones are vulnerable to a major flaw if they haven’t been updated.
- Hackers can make phone calls, even factory reset.
- Users should upgrade immediately to stay safe.
Security firm Kryptowire is warning a wide range of Samsung devices are vulnerable to a major security flaw that allows hackers to take over a device.
Kryptowire makes Mobile Application Security Testing (MAST), a tool that scans for vulnerabilities, as well as security and privacy issues. , it discovered a vulnerability () that could allow a hacker to take a range of actions, including making phone calls, installing/uninstalling apps, weakening HTTPS security by installing unverified certificates, running apps in the background, and even factory resetting a device.
See also: What are Android security updates, and why do they matter?
The vulnerability appears to impact virtually all Samsung smartphones running Android 9 through 12, thanks to the pre-installed Phone app that has an “insecure component.” Because the Phone app runs with system privileges, this opens up an attack vector for bad actors. Malicious apps can use the Phone vulnerability to “mimic system-level activity” and access functionality that would otherwise be protected.