Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution.

The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14.

“Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote attackers to execute arbitrary code,” Samsung said in an advisory for the flaw released in December 2024 as part of its monthly security updates. “The patch adds proper input validation.”

Google Project Zero researcher Natalie Silvanovich, who discovered and reported the shortcoming, described it as requiring no user interaction to trigger (i.e., zero-click) and a “fun new attack surface” under specific conditions.

Particularly, this works if Google Messages is configured for rich communication services (RCS), the default configuration on Galaxy S23 and S24 phones, as the transcription service locally decodes incoming audio before a user interacts with the message for transcription purposes.

“The function saped_rec in libsaped.so writes to a dmabuf allocated by the C2 media service, which always appears to have size 0x120000,” Silvanovich explained.

“While the maximum blocksperframe value extracted by libsapedextractor is also limited to 0x120000, saped_rec can write up to 3 * blocksperframe bytes out, if the bytes per sample of the input is 24. This means that an APE file with a large blocksperframe size can substantially overflow this buffer.”

In a hypothetical attack scenario, an attacker could send a specially crafted audio message via Google Messages to any target device that has RCS enabled, causing its media codec process (“samsung.software.media.c2”) to crash.

Samsung’s December 2024 patch also addresses another high-severity vulnerability in SmartSwitch (CVE-2024-49413, CVSS score: 7.1) that could allow local attackers to install malicious applications by taking advantage of improper verification of cryptographic signature.

Source

Leave a Comment Cancel Reply

London, GB

6:55 am, Jan 15, 2025

9°C

L: 8° | H: 10°

Feels like 8°C° mist

Humidity: 95 %

Pressure: 1034 mb

Wind: 3 mph SW

Wind Gust: 0 mph

UV Index: 0

Precipitation: 0 mm

Clouds: 100%

Rain Chance: 0%

Visibility: 4 km

Sunrise: 7:59 am

Sunset: 4:20 pm

DailyHourly

Daily ForecastHourly Forecast

Today 9:00 pm

8° | 10°°C 0 mm 0% 3 mph 98 % 1034 mb 0 mm/h

Tomorrow 9:00 pm

5° | 9°°C 0 mm 0% 5 mph 96 % 1035 mb 0 mm/h

Fri Jan 17 9:00 pm

3° | 7°°C 0 mm 0% 4 mph 93 % 1036 mb 0 mm/h

Sat Jan 18 9:00 pm

2° | 7°°C 0 mm 0% 3 mph 89 % 1033 mb 0 mm/h

Sun Jan 19 9:00 pm

2° | 6°°C 0 mm 0% 4 mph 89 % 1024 mb 0 mm/h

Today 9:00 am

7° | 8°°C 0 mm 0% 3 mph 96 % 1034 mb 0 mm/h

Today 12:00 pm

9° | 9°°C 0 mm 0% 2 mph 89 % 1034 mb 0 mm/h

Today 3:00 pm

9° | 9°°C 0 mm 0% 3 mph 89 % 1033 mb 0 mm/h

Today 6:00 pm

7° | 7°°C 0 mm 0% 3 mph 97 % 1034 mb 0 mm/h

Today 9:00 pm

6° | 6°°C 0 mm 0% 3 mph 98 % 1034 mb 0 mm/h

Tomorrow 12:00 am

6° | 6°°C 0 mm 0% 3 mph 96 % 1034 mb 0 mm/h

Tomorrow 3:00 am

5° | 5°°C 0 mm 0% 3 mph 95 % 1033 mb 0 mm/h

Tomorrow 6:00 am

5° | 5°°C 0 mm 0% 3 mph 96 % 1034 mb 0 mm/h

Name	Price	24H (%)
Bitcoin(BTC)	€94,109.60	2.26%
Ethereum(ETH)	€3,128.62	1.40%
XRP(XRP)	€2.76	12.45%
Tether(USDT)	€0.97	0.00%
Solana(SOL)	€183.51	1.57%
Dogecoin(DOGE)	€0.349200	4.80%
USDC(USDC)	€0.97	-0.01%
Shiba Inu(SHIB)	€0.000020	0.63%
Pepe(PEPE)	€0.000016	1.02%
Peanut the Squirrel(PNUT)	€0.55	-5.74%

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Share:

Leave a Comment Cancel Reply

Utility link

Useful link

Newsletter

Follow Us