Go to listing page

Multiple Zero-Day exploits discovered in iPhone X, Samsung Galaxy S9 and Xiaomi Mi6

Multiple Zero-Day exploits discovered in iPhone X, Samsung Galaxy S9 and Xiaomi Mi6
  • The bugs were discovered in various components of iPhone X, Samsung Galaxy S9 and Xiaomi Mi6.
  • The zero-day exploits and could allow cybercriminals to gain control over the devices.

Leading smartphone-manufacturing companies like Apple, Samsung and Xiaomi appear to be failing to implement the best security solutions in their mobile devices. Few of the models manufactured by these companies have been found to contain serious vulnerabilities that could allow cybercriminals to gain control over the devices.

The bugs were discovered in various components of the iPhone X, Samsung Galaxy S9 and Xiaomi Mi6. These flaws were discovered by security experts at the PacSec security conference in Tokyo, which hosted the Pwn2Own competition.

Multiple vulnerabilities in Xiaomi Mi6

The bugs found in the Xiaomi Mi6 was discovered by a two-member team from Fluoroacetate. The duo used the touch-to-connect feature and hacked into the phone via the NFX component.

“Using the touch-to-connect feature, they forced the phone to open the web browser and navigate to their specially crafted webpage” the Zero Day Initiative (ZDI) said in its report. “During the demonstration, we didn’t even realize that action was occurring until it was too late. In other words, a user would have no chance to prevent this action from happening in the real world”

An additional five flaws were discovered by a team of three members from MWR Labs. The trio exploited the Wi-Fi feature of the phone to silently install a malicious application via JavaScript and automatically launch it.

“When the phone connected to their Wi-Fi server, they forced the default web browser to navigate to a portal page – much like joining the Wi-Fi at a coffee shop. They then chained additional bugs together to silently install an application via JavaScript, bypass the application whitelist, and automatically start the application. In all, five different bugs were chained together for this demonstration, which earned the MWR team $30,000 USD and 6 Master of Pwn points,” ZDI said.

Exploiting Samsung Galaxy S9

After exploiting Xiaomi Mi6, the duo from Fluoroacetate went on to hunt for some bugs on the Samsung Galaxy S9. They found a heap overflow vulnerability in the baseband component of the phone.

“They made quick work of it by using a heap overflow in the baseband component to get code execution. Baseband attacks are especially concerning, since someone can choose not join a Wi-Fi network, but they have no such control when connecting to baseband,” ZDI said.

Vulnerabilities in iPhone X

The Fluoroacetate team also discovered bugs in iPhone X. They combined a JTI bug in the browser along with an out-of-bounds access to access a deleted image from the phone.

“Our day began with theFluoroacetate duo of Amat Cama and Richard Zhu targeting the iPhone X in the browser category. After a stellar first day, they kicked off Day Two in style by combining a JIT bug in the browser along with an Out-Of-Bounds Access to exfiltrate data from the phone.” said ZDI about the second day of the competition in a blog post.

Cyware Publisher

Publisher

Cyware