Samsung Galaxy Store vulnerabilities left a hole for attackers to install apps and more

January 25, 2023

Galaxy Store vulnerabilities

You should update the Galaxy Store on your Samsung smartphone and/or tablet immediately, as a security hole leaves your device at potential risk.

Cybersecurity researchers at NCC Group this week revealed two major security vulnerabilities affecting the Galaxy Store app store that ships on Samsung’s Android smartphones and tablets. Both vulnerabilities have since been fixed, but you’ll need to update the store to apply the fixes.

The first issue, CVE-2023-21433, is caused by “improper access control” in the Galaxy Store and allows malicious parties to install apps on a user’s device without their knowledge. That app must be available through the Galaxy Store in the first place, though, and the issue only affects Android 12 and prior – Samsung Galaxy devices upgraded to Android 13 are immune to this particular issue.

It was found that the Galaxy App Store has an exported activity which does not handle incoming intents in a safe manner. This allows other applications installed on the same Samsung device to automatically install any application available on the Galaxy App Store without the user’s knowledge.

The impact of this particular issue is relatively minor due to the fact that it can only install apps from a relatively safe app store, but it is important to fix nonetheless.

The other issue that NCC Group found, CVE-2023-21434, also had potential to cause issues. The Galaxy Store’s webview filter was not properly configured and allows for malicious domains to be accessed as long as they had similar elements to an approved URL. The main worry here came from JavaScript attacks, which could have been loaded.

Both of these security issues were fixed in Galaxy Store version 4.5.49.8 which is available now.

More on Samsung:

Add 9to5Google to your Google News feed.

google-news

Author: Ben Schoon
Source: 9TO5Google

Galaxy Store vulnerabilities

422

0