Samsung Galaxy Retailer App Discovered Susceptible to Sneaky App Installs and Fraud

Samsung Galaxy Retailer App Discovered Susceptible to Sneaky App Installs and Fraud

Jan 23, 2023Ravie LakshmananCell Hacking / App Safety

Samsung Galaxy Retailer App Discovered Susceptible to Sneaky App Installs and Fraud

Two safety flaws have been disclosed in Samsung’s Galaxy Retailer app for Android that could possibly be exploited by an area attacker to stealthily set up arbitrary apps or direct potential victims to fraudulent touchdown pages on the internet.

The problems, tracked as CVE-2023-21433 and CVE-2023-21434, have been found by NCC Group and notified to the South Korean chaebol in November and December 2022. Samsung categorized the bugs as reasonable threat and launched fixes in model 4.5.49.8 shipped earlier this month.

Samsung Galaxy Retailer, beforehand often known as Samsung Apps and Galaxy Apps, is a devoted app retailer used for Android units manufactured by Samsung. It was launched in September 2009.

The primary of the 2 vulnerabilities is CVE-2023-21433, which might allow an already put in rogue Android app on a Samsung machine to put in any utility obtainable on the Galaxy Retailer.

Samsung described it as a case of improper entry management that it mentioned has been patched with correct permissions to stop unauthorized entry.

It is price noting right here that the shortcoming solely impacts Samsung units which might be working Android 12 and earlier than, and doesn’t have an effect on these which might be on the most recent model (Android 13).

The second vulnerability, CVE-2023-21434, pertains to an occasion of improper enter validation that happens when limiting the checklist of domains that could possibly be launched as a WebView from throughout the app, successfully enabling a risk actor to bypass the filter and browse to a website below their management.

“Both tapping a malicious hyperlink in Google Chrome or a pre-installed rogue utility on a Samsung machine can bypass Samsung’s URL filter and launch a webview to an attacker managed area,” NCC Group researcher Ken Gannon mentioned.

The replace comes as Samsung rolled out safety updates for the month of January 2023 to remediate a number of flaws, a few of which could possibly be exploited to change provider community parameters, management BLE promoting with out permission, and obtain arbitrary code execution.

Discovered this text attention-grabbing? Observe us on Twitter and LinkedIn to learn extra unique content material we submit.