Android
[Samsung Responded] Severe Exynos modem vulnerabilities found, these models are affected
Google Project Zero team found severe 0-day vulnerabilities with the Samsung Exynos modem. Affected Exynos modem used in various Samsung devices including the Galaxy S22 series along with the Google Pixel 6a/6/6 Pro and Galaxy wearables.
Follow our socials → Google News, Telegram, Twitter, Facebook
According to the information, Project Zero reported 18 vulnerabilities in Exynos modems in late 2022 and early 2023. And notably, four of the flaws, including CVE-2023-24033, involve internet-to-baseband remote code execution:
Tests conducted by Project Zero confirm that those four vulnerabilities allow an attacker to remotely compromise a phone at the baseband level with no user interaction, and require only that the attacker know the victim’s phone number. With limited additional research and development, we believe that skilled attackers would be able to quickly create an operational exploit to compromise affected devices silently and remotely.
Among 18, 14 are not considered as severe because they “require either a malicious mobile network operator or an attacker with local access to the device.” The team is making a “policy exception to delay disclosure for the four vulnerabilities that allow for internet-to-baseband remote code execution.”
Affected devices
Samsung Semiconductor (January 2023) data reveals that Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5123 are affected chipsets.
Google compiled a list of likely affected products:
Samsung Galaxy:
- S22 series
- M33
- M13
- M12
- A71
- A53
- A33
- A21
- A13
- A12
- A04 series
- Watch 4 series
- Watch 5 series
Google:
- Pixel 6 and 6 Pro
- Pixel 6a
- Pixel 7 and 7 Pro
Vivo:
- S16
- S15
- S6
- X70
- X60
- X30 series
Wearable:
- Any wearables that use the Exynos W920 chipset
Vehicle:
- Any vehicles that use the Exynos Auto T5123 chipset
Samsung March 2023 Patch
Samsung detailed the March 2023 security patch earlier this month, which doesn’t provide fixes to the severe CVE-2023-24033 vulnerability. At the same time, Google listed the CVE in its March 2023 Android security bulletin, which started to roll out to Pixel devices on Monday.
Here’s what Samsung said:
At the end of last year, we received a security issue notification for Google project zero, and Samsung has provided all customers with a patch version for this vulnerability, and the related issues have now been resolved.
| Via |
Android
Google unveils Android 16 Developer Preview with exciting features
Google has kicked off the Developer Preview for Android 16, arriving earlier than expected. Usually, these previews begin in February, but Android 16 DP1 is launching three months ahead of schedule this year.
The earlier release of the DP1 is because Google has moved the official Android 16 release from the third quarter to the second quarter of 2025. It aims to ensure that more devices get access to the major Android updates sooner.
Android 16 DP1 is available for several Pixel devices, including the pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, and Pixel Pro Fold, as well as the Android Emulator. It can be identified through version BP21.241018.009.
The Android 16 Developer Preview brings new features for app developers. It brings a system photo picker that will help apps give users a smoother, more integrated way to select photos without needing extra permissions.
Another new feature is Health Connect, which lets apps access and manage medical records in FHIR format, but only with user permission. The update also includes the latest version of the Privacy Sandbox for privacy protection.
This preview program runs from November 2024 until the final public release next year. Android 16 Beta Program will begin in January, with the final stable release expected in Q2 of 2025. Stay tuned for more updates.
Android 16 to make Quick Settings access easier with one-finger swipe
Android
Google’s Android 15 QPR2 Beta 1 update is now available
Google has released the first beta of Android 15 QPR2 for Pixel users. The update can be identified via build version BP11.241025.006. However, users are also waiting for the stable release of Android 15 QPR1 in December this year.
Android 15 QPR2 Beta 1 update comes with the November 2024 security patch. It is available for a wide range of Pixel devices, including Pixel 6, Pixel 6 Pro, Pixel 6a, Pixel 7, Pixel 7 Pro, Pixel 7a, Pixel Tablet, Pixel Fold, Pixel 8, Pixel 8 Pro, Pixel 8a, Pixel 9, Pixel 9 Pro, Pixel 9 Pro XL, and Pixel 9 Pro Fold, as well as the Android Emulator.
Quarterly Platform Releases are updates that bring more noticeable changes and new features compared to the usual monthly bug fixes. These updates are perfect for testing out bigger UI changes or new features that don’t need to wait for a full Android version release.
The QPR2 Beta 1 is the second major update for Android 15, with the final version expected to launch in March 2025 (via 9to5Google). This update brings the usual bug fixes, security enhancements, and new features to test.
Users participating in the beta program are advised to report any issues via the Android Beta Feedback app, easily accessible through the app drawer or Quick Settings. Install the update now to get an enhanced experience.
Android 16 to make Quick Settings access easier with one-finger swipe
Android
Android 16 to make Quick Settings access easier with one-finger swipe
Google is reportedly going to bring an interesting change with Android 16, which will no longer require two fingers to pull down the Quick Settings panel. Previously, there were concerns that users would need to swipe down with two fingers to bring up the Quick Settings. Fortunately, Google has decided to simplify this process.
With Android 16, accessing the Quick Settings will only require a single-finger swipe down on the right half of the status bar. The one-finger swipe access aligns it more closely similar to other Android manufacturers, like OnePlus and Samsung, have designed their systems.
Several users didn’t like the idea of needing two fingers to swipe down, as it felt more awkward and less convenient. By switching to a single-finger swipe for Android 16, Google will make it easier for users to manage their settings with less effort. A well-known tipster Mishaal Rahman (via Android Authority) spotted the code for this Quick Settings change.
However, the new design still lacks the ability to swipe seamlessly between the notifications and Quick Settings panels. Hopefully, Google will add this feature before the official release.
In addition to the swipe change, Android 16 will introduce resizable Quick Settings tiles and better categorization to help users find specific settings more easily.
However, these features are still being worked on and may not be fully ready in the current beta. They are expected to roll out in the final Android 16 release, which is expected in mid-2025.