Major vulnerability found in Exynos 4210 and Exynos 4412 devices

A Major vulnerability has been found on devices using Exynos 4 SoC and Samsung Kernel sources. The vulnerability was discovered by XDA-Developers’ forum member alephzain. The security flaw is actually in the kernel which makes the device R/W by all users, apps and gives access to full Physical Memory. In short, all Exynos 4 devices come pre-rooted directly from the manufacturers. We can give you one bad news and one good news about this discovery.

The bad news is that any application downloaded from the Google Play Store or installed manually can take FULL control of the device and cause permanent damage, even if the device is not rooted. XDA-Developers’ Elite Recognized Developer Supercurio is already working on an app which can patch this security hole and prevent apps from taking over the device, he will release the app soon on Google Play Store.

The good news is that with this security flaw rooting an Exynos 4 device has just got a lot easier. XDA-Developers’ Elite Recognized Developer Chainfire has already released an app called ExynosAbuse which can root a device with just a single click of a button. Now you don’t have to flash unsecure or pre-rooted kernels through odin/heimdall on your Samsung device, all can be done via an app.

Exynos 4210 devices:
- Samsung Galaxy Note GT-N7000
- Samsung Galaxy S2 GT-I9100
- AT&T Samsung Galaxy S2 GT-I777

Exynos 4412 devices:
- Samsung Galaxy S3 GT-I9300
- LTE Samsung Galaxy S3 GT-I9305
- Samsung Galaxy Note 2 GT-N7100
- LTE Samsung Galaxy Note 2 GT-N7105
- Samsung Galaxy Note 10.1 GT-N8000
- Samsung Galaxy Note 10.1 GT-N8010
- Meizu MX

(Source: XDA-Developers)

Firmware news 13
Related newsLatest news

Leave a Reply

Falha em smartphones Samsung dá acesso total a informações do usuário | Unders Tech
2 years 11 months ago

[…] via Sammobile […]

4 years 4 months ago

And the app works, in the latests firmware 4.1 it does not damages the camera

4 years 4 months ago

Ok… So maybe this is what happened to my S3… It fell down on September and lasted working a month and suddenly it just didn´t wanted to turn on, the official diagnose was the electric system was damaged and I had to pay for a new electric motherboard, approx $400…

4 years 4 months ago

I use exynosabuse to fix

/dev/exynos-mem have the good right after and my camera works like before

Galaxy s3 i9300 4.1.1 xef

4 years 4 months ago

I believe Samsung will fix this promptly. Any kind of vulnerability can only ruin Samsung image and bring about decrease of consumers confidence. Samsung knows that and it will use this situation to show how prompt they are when it comes to customer care. If they do not do that, they risk very much when it comes to Android phone market.

On the other hand, Samsung (maybe) wanted to shake up Android OS in order to make some room for their upcoming Tizen OS. They might have hoped that the blame would go on Google, rather than on Exynos and Samsung Kernel.
Why would Samsung do that? Samsung might be mad because they did not get to manufacture the Nexus 4. Samsung is used to getting a lion share of Android phone market. Having LG in the game is something they do not like at all.

I know, there is a lot of might-s and maybe-s, but as a former user of Bada, there must be some substantial amount of doubt that Samsung left in me.

4 years 4 months ago



4 years 4 months ago

Good thing it’s open source so it can be found and fixed. Can’t say the same thing about Apple’s stuff.

4 years 4 months ago

First their dogged and continued stubbornness when it comes to releasing binaries to xda developer community (arguably their biggest ally) and now this, a gaping vulnerability in their kernels (before this there was the USSD dialer venerability).

Samsung management exude levels of brilliance not seen since the extinction of the dodo…

4 years 4 months ago

At least i have fixed this today on my CM 10.1 unsupported build (S3 i9300). Thanks to codeworkx, xplod, and whole team hacksung. And thanks to the first releases of Insignal/origen board of Exynos 4.

4 years 4 months ago

Doesn’t have any relation to the Exynos SoC’s, it’s just a stupid fault in the Samsung kernel sources. Can easily be fixed by Samsung or by anyone with root access.

4 years 4 months ago

Apple will love this!!

Is there some firmware update that can fix this?

4 years 4 months ago

I love Samsung they slow and now big security holes, do not care have warranty or take legal action if something going wrong!

4 years 4 months ago

So.We will have a solution for this?Or our devices will be dead very sooner than normal time.This is a serious thing cause we have gave much money for those devices