Samsung Semiconductor has confirmed that certain Samsung phones, as well as others, are vulnerable to a “privilege escalation” hack identified earlier this year by Google security researchers. This issue concerns older devices with the Exynos 9820, 9825, 980, 990, 850, and W920 chipsets.
Though Samsung didn’t indicate which handsets are affected, Tom’s Guide did, and the list includes some familiar devices. These include the Exynos 990-equipped Galaxy S20 series and Galaxy Note 20 and the Exynos 980-equipped Galaxy S10 series and Galaxy Note 10. Thankfully, if you purchased any of these phones in the U.S., they have Qualcomm Snapdragon chips installed and are not affected.
Other phones affected worldwide include the Galaxy A21, A51, A71, A14, A13, and A04s.
There are some lesser-known phones that are also vulnerable, such as the Galaxy A Quantum, Galaxy M and Galaxy F phones, Vivo X30 series, and Vivo S6 5G. Some smartwatches are also at risk, such as the Galaxy Watch 5 series, Galaxy Watch 4 series, and Galaxy Watch FE.
According to Cynet, privilege escalation is a network attack that seeks unauthorized higher-level access within a security system. It starts with attackers exploiting vulnerabilities to enter a system with limited permissions and then escalating their access to control sensitive systems or data. This often occurs due to inadequate security measures, failure to follow the principle of least privilege, or software vulnerabilities, allowing both external attackers and insiders to gain inappropriate access.
Samsung rates this current vulnerability as having “high” severity. If you have any of these devices, ensure you have installed the latest software updates from Google and the manufacturer. Doing so should remove the risk.
Some of the phones mentioned above are nearly five years old, which means they no longer support the latest version of Android. For anyone in that boat, we suggest checking out our list of the best Android phones currently on the market and best phones overall.
