by Google Project Zero researchers have discovered 18 vulnerabilities in the widely used Samsung Exynos modem chips, four of which allow attackers to remotely hack into phones at the baseband level without any user intervention, knowing only the victim’s phone number. interact. Affected chipsets include: Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, and Exynos Auto T5123, and affected products include: Samsung S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series, Vivo S16, S15, S6, X70, X60 and X30 series, Google Pixel 6, 6 Pro, Pixel 6a, Pixel 7 and 7 Pro, any smartwatch using Exynos W920 chipset, any smartwatch using Exynos Auto T5123 car, and so on. Affected devices can protect themselves by turning off Wi-Fi calling and Voice-over-LTE (VoLTE) in the settings until the patch is released, the researchers said.
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
