A security company, Oversecured, revealed that Samsung Galaxy users were vulnerable to some serious security flaws because of Samsung’s native apps. The researchers at Oversecured say that hackers could have used these flaws to spy on the users. The company founder Sergey Toshin told TechCrunch that although the vulnerabilities were verified on Galaxy S10+, “all Samsung devices could be potentially affected.” The vulnerabilities have now been fixed.
The vulnerabilities could have allowed hackers to steal user’s photos, videos, contact, call records, and messages. It could also give hackers access to change the device’s settings without the user’s permission or notice.
In a blog post, the security company further revealed a bug that could be used to steal contacts’ data. Another bug was revealed in Knox security software that can be used to install malicious apps. The company also found a bug in Samsung Dex that can remove data from notifications like emails and messages.
The researchers said that it reported the issues to Samsung and the company soon after fixed the bugs.
As per the report, Samsung has confirmed that the flaws affected a few Galaxy devices but did not reveal the name of the devices. Samsung further added that no reports were issued globally, and users’ sensitive information was not at risk. Samsung has fixed the flaws via security patches in the new April and May 2021 software updates.