Researchers from Kryptowire discovered a vulnerability, tracked as CVE-2022-22292, located within Android devices. The vulnerability resides in a pre-installed app that executes with system privileges on Samsung devices. Experts pointed out that the Phone app has an insecure component which allows local apps to perform privileged operations without any user interaction. This could give an attacker the ability to initiate a factory reset, make phone calls, install/uninstall apps, and weaken security controls. This has been rated as a high severity vulnerability and was reported to Samsung.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security