"Two Vulnerabilities Found in Galaxy App Store"

Security researchers at NCC Group have discovered two new vulnerabilities in the Galaxy App Store application allowing local attackers to install arbitrary applications or execute JavaScript by launching a specific web page.  The first flaw discovered is tracked as CVE-2023-21433 and was ranked high-risk by Samsung.  The researchers stated that this flaw allows other applications installed on the same Samsung device to automatically install any application available on the Galaxy App Store without the user’s knowledge.  The second vulnerability discovered is tracked as CVE-2023-21434 and was marked moderate risk by Samsung.  The researchers discovered that a webview within the Galaxy App Store contained a filter that limited the domains that the webview could access.  The filter was not properly configured, which would allow the webview to browse to an attacker-controlled domain.  The researchers stated that, in other words, tapping a malicious hyperlink in Google Chrome or a pre-installed rogue application on a Samsung device could bypass Samsung’s URL filter and launch a webview to a domain specified by a threat actor.  Both issues reportedly affected only Samsung devices running Android 12 and below.  Samsung patched them in version 4.5.49.8 of the Galaxy App Store on January 01, weeks after NCC Group disclosed the vulnerability on December 03.  The researchers noted that users should open the Galaxy App Store on their phone and, if prompted, download and install the latest version

Infosecurity reports: "Two Vulnerabilities Found in Galaxy App Store"