Threat Watch

Samsung Galaxy Store Bug

A now-patched security bug has been disclosed in the Galaxy Store app for Samsung devices that may potentially lead to remote command execution on vulnerable phones. The vulnerability, which affects Galaxy Store version 4.5.32.4, relates to a Cross-Site Scripting (XSS) bug that occurs when handling certain deeplinks. “Here, by not checking the deeplink securely, when a user accesses a link from a website containing the deeplink, the attacker can execute JavaScript (JS) code in the webview context of the Galaxy Store application,” stated SSD Secure Disclosure. XSS attacks allow attackers to insert and run a malicious JS code when victims access a rogue website through a browser or another program.

Subscribe to Threat Watch

Daily summaries of threats, delivered straight to your inbox!


Click Here to Subscribe to Threat Watch

ANALYST NOTES

The issue in the Galaxy Store app relates to how deeplinks are configured for Samsung’s Marketing and Content Service (MCS), which might create a situation where arbitrary code injected into the MCS website could lead to its execution. This vulnerability could be leveraged to download and install malicious programs on the Samsung smartphone. “To be able to successfully exploit the victim’s server, it is necessary to have HTTPS and CORS bypass of chrome,” stated the researchers.

https://thehackernews.com/2022/10/samsung-galaxy-store-bug-couldve-let.html

Facebook Twitter Instagram Youtube Linkedin
Solutions
Become a Reseller

Industries

Resources

About

Contact Us
Contact Support