BlogsSamsung Zero Click Exploit Threatens RCS Messages

Samsung Zero Click Exploit Threatens RCS Messages

Critical analysis of CVE-2024-49415 vulnerability affecting Samsung devices running Android 12-14, enabling zero-click remote code execution through RCS messaging

Overview

A critical zero-click vulnerability (CVE-2024-49415) has been discovered in Samsung devices, affecting the Monkey's Audio decoder with a CVSS score of 8.1. The vulnerability has been patched in the December 2024 security update, but posed significant risks through RCS messaging exploitation

Whom it may concern

  • Mobile Device Administrators managing Samsung fleet
  • Security Teams handling Android device security
  • End users with Samsung devices running Android 12-14

Key Findings

  1. Zero-click exploitation possible through RCS messaging
  1. Affects devices with Android versions 12, 13, and 14
  1. Patch available in December 2024 SMR Release 1
  1. Buffer overflow vulnerability in libsaped.so

Risk Analysis

  • Probability: High - No user interaction required
  • Impact: Severe - Remote code execution possible
  • Affected Systems:
- Samsung Galaxy S23
- Samsung Galaxy S24
- Other Samsung devices with RCS enabled

Action Items

  • Immediate patch deployment required
  • Enable automatic security updates
  • Audit RCS configurations
  • Monitor for exploitation attempts

Sources

  • [The Hacker News](https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html)
Share this article

Stay up to date

Join my community and receive the latest risk news and trends.

ResourcesLegal