Samsung Galaxy App Store has retained diverse vulnerabilities which can allow local attackers to install applications from the Galaxy App Store without your knowledge, it can be said that the issue could result in improper access control.
As per the info, the researchers of NCC Group discovered these flaws between November 23 and December 3, 2022. Which has now got fixed with the Samsung Galaxy Store app version 22.214.171.124. The group has also shared technical details for issues with proof-of-concept.
The report further mentions that the Galaxy App Store issue is especially flooding on the devices running Android 12 and below, and the Galaxy smartphones upgraded over Android 13 based One UI 5 have not been affected by this malware as of now.
Two vulnerabilities were uncovered with the Galaxy App Store application:
- Technical Advisory: Improper access control could allow local attackers to install applications from the Galaxy App Store (CVE-2023-21433)
Samsung Galaxy Store is an application store that comes pre-installed on Galaxy smartphones and offers various applications to download for your devices. To remain protected from unwanted viruses keep your app updated to the latest version.