Samsung Galaxy Store Flaws Can Lead to Unwanted App Installations, Code Execution

data breach

malware

network threats

AI generated Image

Tracked as CVE-2023-21433, the first of the vulnerabilities that NCC Group has identified could allow rogue applications on a device to download and install additional software from the Galaxy Store, without the user’s knowledge. Cybersecurity firm NCC Group has shared details on two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page. The second vulnerability, CVE-2023-21434, is described as an improper input validation issue that could allow a local attacker to execute JavaScript code by launching a web page.

Source read time: 1 min - securityweek.com

Also offered in: Nederlands

More news for you