Samsung: the Galaxy Store harbors two critical flaws, install the update quickly

Galaxy Store users on Samsung Galaxy smartphones are strongly advised to install the latest update to the manufacturer’s application store: computer security researchers have discovered two critical security flaws in the app. Here is what you need to know.

If you regularly use the Galaxy Store, the app store preinstalled on all Samsung smartphones, you should install the latest update to the application. Computer security researchers from the specialist firm NCC Group have discovered two critical security vulnerabilities in the Galaxy Store.

The Galaxy Store harbors two critical security flaws

Tracked as CVE-2023-21433, the first vulnerability allows local attackers to install apps from the store on your smartphone without your knowledge. It is noted that a malicious application preinstalled on your device can be used to exploit this flaw.

As for the second, registered under the number CVE-2023-21434, here is what it allows once exploited: “improper input validation could allow local attackers to execute JavaScript when launching a web page”.

According to experts from NCC Group, this vulnerability was caused by an incorrectly configured WebView in the Galaxy Store. As a reminder, Android System WebView is the Google component that lets an application display web pages inside the app itself. In practice, an attacker can bypass the usual Galaxy Store WebView restrictions and set up a redirection to a domain under the attacker's control.

“Attackers were able to bypass Samsung’s URL filter by tricking victims into tapping a malicious hyperlink in Google Chrome or through a malicious app pre-installed on their Galaxy device. They can then run JavaScript by launching a web page,” explains the NCC Group.
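To make this class of bug concrete (a URL filter sitting in front of a WebView), here is an added example that is not Samsung's or NCC Group's code: it contrasts a weak string-matching filter with a check that parses the URL first. The host `store.example.com`, the class and method names, and the sample URLs are all constructed for illustration.

```java
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Locale;
import java.util.Set;

public class WebViewUrlFilter {
    // Hypothetical allowlist: the only host this app's WebView may load.
    private static final Set<String> ALLOWED_HOSTS = Set.of("store.example.com");

    // Weak filter: looks for the trusted name anywhere in the raw string.
    static boolean weakFilter(String url) {
        return url.contains("store.example.com");
    }

    // Strict filter: parse the URL, then require https, no userinfo part,
    // and an exact (case-insensitive) match on the parsed host.
    static boolean strictFilter(String url) {
        final URI uri;
        try {
            uri = new URI(url);
        } catch (URISyntaxException e) {
            return false; // unparseable input is rejected, never "best effort"
        }
        if (!"https".equalsIgnoreCase(uri.getScheme())) return false;
        if (uri.getRawUserInfo() != null) return false;
        String host = uri.getHost();
        return host != null
                && ALLOWED_HOSTS.contains(host.toLowerCase(Locale.ROOT));
    }

    public static void main(String[] args) {
        // Constructed sample inputs; only the first one should be loaded.
        String[] samples = {
            "https://store.example.com/promo",
            "https://store.example.com.other.test/",       // trusted name as a prefix
            "https://other.test/?next=store.example.com",   // trusted name in the query
            "https://store.example.com@other.test/",        // trusted name as userinfo
            "http://store.example.com/promo"                // cleartext scheme
        };
        for (String s : samples) {
            System.out.printf("weak=%-5b strict=%-5b %s%n",
                    weakFilter(s), strictFilter(s), s);
        }
    }
}
```

The weak filter accepts all five URLs, while the strict one accepts only the first. In an Android app the same check would also have to run on every navigation, for example in `WebViewClient.shouldOverrideUrlLoading`, so that a redirect cannot leave the allowlisted host after the initial load.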

Samsung quickly fixed the problem

Researchers discovered the vulnerabilities in the Galaxy Store between November 23 and December 3, 2022. So far, NCC Group has confirmed that app versions 4.5.44.1 and 4.5.48.3 are affected. However, it points out that other versions may be affected. Samsung was informed of the problem, and fortunately the firm corrected these vulnerabilities within two weeks of receiving the NCC Group report by deploying the 4.5.49.8 update for the Galaxy Store.

One last point: the researchers confirm that the new security measures introduced in Android 13 prevent exploitation of the first flaw. This is not the case for the second, however, which is why it is essential to download the latest update from the Galaxy Store. As a reminder, in December 2021, the Galaxy Store was singled out for offering dangerous apps for download.

Deepak Gupta
