Multiple Vulnerabilities in the Samsung Galaxy App Store

guest · Jan 20, 2023

Exploits released for two Samsung Galaxy App Store vulnerabilities
By Bill Toulas @billtoulas - January 20, 2023

Two vulnerabilities in the Galaxy App Store, Samsung’s official repository for its devices, could enable attackers to install any app in the Galaxy Store without the user’s knowledge or to direct victims to a malicious web location.
Click to expand...

The issues were discovered by researchers from the NCC Group between November 23 and December 3, 2022.

The Korean smartphone maker announced on January 1, 2023 that it fixed the two flaws and released a new version for Galaxy App Store (4.5.49.8).
Click to expand...

Today, the NCC Group published technical details for the two security issues, along with proof-of-concept (PoC) exploit code for each of them.

It should be noted that both attacks require local access, an easy feat for motivated hackers and malware distributors targeting mobile devices.
Click to expand...

Forcing app installs on Android
NCC discovered that the Galaxy App Store does not handle incoming intents in a safe way, allowing apps on the device to send arbitrary app installation requests.

The PoC shared by NCC’s analysts is an ‘ADB’ (Android Debug Bridge) command that instructs an app component to install the “Pokemon Go” game by sending an intent with the specified target application to the app store.
Click to expand...

NCC Group: Technical Advisory – Multiple Vulnerabilities in the Galaxy App Store (CVE-2023-21433, CVE-2023-21434)

By Ken Gannon - January 20, 2023
The Galaxy App Store is an alternative application store that comes pre-installed on Samsung Android devices. Several Android applications are available on both the Galaxy App Store and Google App Store, and users have the option to use either store to install specific applications.

Two vulnerabilities were uncovered with the Galaxy App Store application:

Technical Advisory: Improper access control could allow local attackers to install applications from the Galaxy App Store (CVE-2023-21433)

Technical Advisory: Improper input validation could allow local attackers to execute JavaScript by launching a web page (CVE-2023-21434)

Click to expand...

Log in or Sign up

Multiple Vulnerabilities in the Samsung Galaxy App Store

guest Guest

Log in or Sign up

Multiple Vulnerabilities in the Samsung Galaxy App Store

guest Guest

Useful Searches