On some Android OS smartphones, a 0 Day security flaw has been discovered.
And this new flaw found on the Android core of these mobiles, could allow to take control of these remotely. And vulnerability has been affecting some of the most popular mobiles lately. These include the Huawei p20, the Samsung Galaxy s9 the Xiaomi Redmi Note 5. And it has been mentioned that this security flaw is more or less critical and sensitive.
This article will also interest you: The hacking of our smartphones is becoming more and more disturbing
this Vulnerability was discovered by the Project Zero team Google, this branch dedicated exclusively to the search for vulnerabilities and critical vulnerabilities. Maddie Stone, computer security researcher discovered this 0 Day flaw that did not never documented or even corrected. This security flaw affects the lunix nucleus Android, which will allow cybercriminals to be able to grant themselves privileges administrator on the system and take control total even remotely. This loophole could grant privileges to change the smartphone system to lower levels.
Affecting smartphones quite popular, this vulnerability would have appeared in the core version of Android that was born in April 2018 and which had even been corrected in another 4.14 LTS version of the Linux kernel, available to the general public in December 2018. The problem is that this fix has been integrated only in the core versions of Android 3.18 ; 4.4 and 4.9. As a result, many Android-type phones have been marketed with this vulnerability. The affected smartphones have been listed by the the Hacker News and they are at the number of 13
1) Samsung Galaxy S7
2) Samsung Galaxy S8
3) Samsung Galaxy S9
4) Google Pixel
5) Google Pixel XL
6) Google Pixel 2
7) Google Pixel 2 XL
8) Huawei P20
9) Xiaomi Redmi 5A
10) Xiaomi Redmi Note 5
11) Xiaomi A1
12) Oppo A3
13) Motorola Moto Z3
In addition, it was meant that the vulnerability could extend to some LG devices running Android Oreo. The researcher wanted to notify that the security breach also affected the new version of Android. Indeed, she admits to having managed to exploit the flaw even though there is a recent fix security.
Accessible from Google Chrome's Sandbox, the is workable by an application or a simple web page, which will save money reading rights and even writing on the core of the Android system. In short, just the essentials to take control of a device discreetly.
If a security fix is on the way, there is no no less than the security breach was exploited by a company NSO Group, an IT security firm that is recognized in the sector for its easily detect such loopholes and then sell them to governments.
Google has been warned that it will deploy a security fix by the end of October. On the other hand, all the smartphone manufacturers involved have been warned so that they can also develop updates that can help close the gap.
Now access an unlimited number of passwords: