Easy way to hack Samsung Galaxy phones with Android 9, 10, 11 or 12 via preinstalled application

Cybersecurity specialists from the firm Kryptowire report the detection of CVE-2022-22292, a severe vulnerability in some Samsung devices with versions 9, 10, 11 and 12 of the Android operating system. According to the report, exploiting the flaw would allow the delivery of arbitrary Intent objects to be executed by a pre-installed application with high privileges.

In addition to this issue, an underlying vulnerability would allow a third-party application to be used to send data to arbitrary activity application components in the context of a pre-installed application. This opens up a large attack surface for third-party applications, allowing arbitrary Intent objects with embedded data to be sent to activities that appear to originate from the affected system itself. In other words, an unprivileged application can use an unprotected interface to send Intent objects and perform actions on its behalf.

What is this flaw?

Mobile apps are limited to their own context when you launch an activity app component through an Intent object. This flaw would allow local applications to indirectly use the context of a pre-installed application with the system’s User ID (UID) when initiating activities through a malicious Intent object.

The concept of an attacker-controlled Intent object refers to the pre-installed application affected by this vulnerability using the system UID to obtain an Intent object embedded within another Intent object sent from a malicious application, which will then execute an application activity component using the embedded Intent object. This can be conceptualized as “intent forwarding,” where the attacker controls the Intent object that sends a privileged process that would allow the start of non-exported application activi ..

Support the originator by clicking the read the rest link below.