Tuesday, January 31, 2023

No Result

View All Result

Home
Exploits
Broadcast Signal Intrusion – Hacking Radio Stations

PHPJabbers Car Park Booking System 2.0 Cross Site Scripting

Zstore 6.6.0 Cross Site Scripting

PHPJabbers Event Ticketing System Script 1.0 Cross Site Scripting

PHPJabbers Travel Tours Script 1.0 SQL Injection

PHPJabbers Travel Tours Script 1.0 Cross Site Scripting

PHPJabbers Property Listing Script 3.1 SQL Injection

PHPJabbers Property Listing Script 3.1 Cross Site Scripting

Razer Synapse 3.7.0731.072516 Local Privilege Escalation
Trending Tags
Hacking News

Serious 2FA Bypass Vulnerability Affected Facebook And Instagram

Multiple Vulnerabilities In Yellowfin BI Could Allow RCE Attacks

LearnPress Plugin Vulnerabilities Risk Numerous WordPress Sites

TROJANPUZZLE Attack Forces AI Assistants to Suggest Rogue Coding

Multiple Vulnerabilities Found In Samsung Galaxy App Store App

Researchers Find Class Pollution-A Prototype Pollution Variant That Affects Python

Be on the lookout for this AnyDesk Phishing campaign that delivers Vidar info stealer

Brave Browser turns your device into a proxy for others via “Snowflake” Feature

This tool, “telerwaf”, protects go apps from web-based attacks
Hacking Tools
Test3213

Test 2

test

Authentication Flood | Wireless Network Attacks [FREE COURSE CONTENT]

Here are some tips for students to help protect their data privacy

Client-Side Exploitation [FREE COURSE VIDEO]

What Common Security Problems Are Cloud-Based Networks?

Penetration testing OWASP Top 10 Vulnerabilities [FREE COURSE CONTENT]

OSINT Fundamentals [FREE COURSE CONTENT]
Trending Tags
Hacking Tutorials

Test3213

Test 2

test

Authentication Flood | Wireless Network Attacks [FREE COURSE CONTENT]

Here are some tips for students to help protect their data privacy

Client-Side Exploitation [FREE COURSE VIDEO]

What Common Security Problems Are Cloud-Based Networks?

Penetration testing OWASP Top 10 Vulnerabilities [FREE COURSE CONTENT]

OSINT Fundamentals [FREE COURSE CONTENT]
Kali Linux
Villain : Windows And Linux Backdoor Generator And Multi-Session Handler

PXEThief : Extract Passwords From The Operating System Deployment Functionality

The Terminal Application Cypherhound contains 260+ Neo4j Cyphers for BloodHound DataSets

Subparse: Modular Malware Analysis Artifact Collection And Correlation Framework

AzureHound : Azure Data Exporter For BloodHound

Xerror is an automated penetration testing tool with GUI

Mongoaudit is an audit and pentesting tool for MongoDB databases

ADFSRelay – Proof of Concept Utilities Developed For Researching NTLM Relaying Attacks Targeting ADFS

Azure Sentinel protects Kubernetes deployments
Trending Tags
Security

Facebook & Instagram Flaw Let Anyone Bypass Two-factor Authentication

U.S. No Fly List Leaked on Hacker Forum

Hackers Exploiting Unpatched Exchange Servers in The Wild

Critical Realtek Vulnerability Impacting IoT Devices Worldwide

New Research Uncovers Threat Actor Behind Infamous Golden Chickens Malware-as-a-Service

Doctor Paid $60k in Bitcoin to Hire Dark Web Hitmen

What is Word Unscrambler In Gaming?

Yandex Source Code Online Leaked, Company Denies Hack

Extradited Alleged ShinyHunters Hacker Pleads Not Guilty in US Court
Advertise

No Result

View All Result

SS7 SMS Intercept

SS7 SMS Intercept

SS7 SMS Intercept

Home Hacking News

Multiple Vulnerabilities Found In Samsung Galaxy App Store App

by Ineedhack

January 23, 2023

in Hacking News

79

SHARES

494

VIEWS

Share on Facebook Share on Twitter

Kripkey Spy Phone

Kripkey Spy Phone

Kripkey Spy Phone

Samsung Galaxy App Store users were at risk from security flaws discovered by researchers. An adversary could use the vulnerability to infect targeted devices with malware or perform malicious activities. Samsung fixed the vulnerabilities before they could be exploited.

Samsung App Store App Vulnerabilities

A recent by the NCC Group revealed that their team found two security problems in Samsung’s Galaxy App store app.

Samsung’s is the Galaxy App Store. It provides users with an alternative to downloading applications. It is pre-installed on almost all supported Samsung devices such as smartphones and Samsung Gear. This means that any problems with this app could potentially affect many people worldwide.

Concerning vulnerabilities, the advisory describes the first as inappropriate access control (CVE-20223-21433). It is stated that

The Galaxy App Store exported an activity that does not protect incoming intents.

This flaw could be exploited by an attacker who installs a malicious application on target devices to install additional apps from Galaxy App Store.

The vulnerability was found in Galaxy App Store version 4.5.44.1. This vulnerability is not present on Android 13 devices.

CVE-2023-21344, the second vulnerability could permit a local attacker execute malicious JavaScript onto target devices. This is done by tricking victims into clicking malicious URLs. The vulnerability was caused by poorly-configured webview filters, which allowed the user to browse a malicious domain.

The vulnerability was found in the Galaxy App Store Version 4.5.48.3 among others.

Researchers shared technical information with respective PoCs regarding both flaws and advisory.

Samsung Invented The Flaws

These vulnerabilities were discovered by researchers in the latter part of 2022. They then disclosed them to Samsung. The tech company responded by developing fixes and releasing the patches in the Galaxy App Store version 4.5.49.8.

To avoid exploits, upgrade their device with the most recent version of the app.

We would love to hear your comments.

Tags: hack news hacking news hacking software hacking tips hacking tutorials

Ineedhack

Next Post

Hackers remote interrupt GTA Online PC Gameplay

No Result

View All Result