Smartphone Update Vulnerability Found

Smartphone Update Vulnerability Found

Smartphone Update Vulnerability Found

Category : Blog

Smartphone Update Vulnerability Found

A Google Project Zero researcher, Gal Beniamini has found some vulnerabilities including a remote code execution in Broadcom’s Wi-Fi system-on-chip (SoC) which if exploited can allow attackers to compromise Smartphone devices like iPhone, Samsung, and Google Nexus. Smartphone update vulnerability found.

Broadcom’s Wi-Fi chips are used in a number of well-known devices and any vulnerability makes millions of smartphones vulnerable which includes Samsung’s flagship Android smartphones, Google’s very own Nexus 5, 6 and 6P and iPhone devices starting from iPhone 4.

Beniamini explained the functionality and importance of Broadcom Wi-Fi chipset and how this vulnerability can be used to carry a remote code execution attack. The Google researcher is also working on the privileges from the SoC into the operating system’s kernel which will help to know how an attacker in the Wi-Fi range can take full control of a targeted device without user interaction.

Smartphone Update Vulnerability Found

Thanks to Beniamini’s findings because of which Samsung has released maintenance updates fixing all the vulnerabilities on its own and Google products, Apple has issued an emergency update for iPhone users while a lot of android flaws were patched during March security updates.

Last week Apple has an issue about their critical update for iOS. After Apple users were targeted with a fake ransomware scam using javascript from another domain. The update changed the way Safari browsers handled javascript in the past.

We will get back soon with some news updates and please update your Smartphone to avoid this vulnerability.

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

CEH V9  training

Diploma in Network Security Training

Secured Coding in Java

Certified Network Penetration Tester 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 


Leave a Reply