Samsung has confirmed it is working “as quickly as possible” to fix a vulnerability in multiple Samsung devices that gives access to all physical memory if it is powered by a specific Samsung Exynos processor, Android Central reports.
Allowing attackers to potentially use malicious apps to wipe data and brick devices or even access data, Samsung said it is aware of the issue and will roll out a software update as quickly as it can to limit potential issues.
The statement in full:
Samsung is aware of the potential security issue related to the Exynos processor and plans to provide a software update to address it as quickly as possible.
The issue may arise only when a malicious application is operated on the affected devices; however, this does not affect most devices operating credible and authenticated applications.
Samsung will continue to closely monitor the situation until the software fix has been made available to all affected mobile devices.
The vulnerability was first highlighted on XDA Developers, where the exploit was tested on a Samsung Galaxy S III, which rooted the device. The flaw also exists on the Samsung Galaxy S II, the Samsung Galaxy Note II, the Meizu MX, and potentially other devices that feature an Exynos processor (4210 and 4412) and use Samsung kernel sources.
Other affected devices are said to include: Samsung Galaxy S2 GT-I9100, Samsung Galaxy S3 GT-I9300, Samsung Galaxy S3 LTE GT-I9305, Samsung Galaxy Note GT-N7000, Samsung Galaxy Note 2 GT-N7100, Verizon Galaxy Note 2 SCH-I605 (with locked bootloaders), Samsung Galaxy Note 10.1 GT-N8000, and the Samsung Galaxy Note 10.1 GT-N8010.
While there are third-party fixes available for the vulnerability, Samsung will be able to roll it out to those not aware of the issue at all. If you have an affected device, we’ll keep you updated when we know more.