
Major security vulnerability found in Samsung phones — what to do now


Samsung makes some of the best smartphones, but that means when there's a security vulnerability, there's a greater chance that a large number of people will be affected.

If you have a Samsung smartphone or tablet, make sure it's on the latest version. Kryptowire today announced that it had discovered a serious security vulnerability in Samsung devices that could allow hackers to gain virtual control over the entire device.

Fortunately, the issue was discovered and patched by Samsung in February, but if you have a Samsung phone, you should make sure it's fully up to date.

Which Samsung phones were affected?

Samsung devices that had the native Phone app and were running Android versions 9 through 12 were affected. The vulnerability allowed untrusted apps to hijack phones and any other Android systems, gaining unauthorized access to privileged data capabilities.

What was the vulnerability?

Kryptowire discovered the vulnerability in the pre-installed Phone app, which had an insecure component that allowed local apps to perform privileged operations without user authorization. For example, the vulnerability could let hackers factory reset the phone, make phone calls, install and uninstall apps, install root certificates, and more. 

When did Samsung know, and when was it fixed?

According to Kryptowire, the CVE-2022-22292 vulnerability was disclosed to Samsung on November 27, 2021 and given a “High” severity rating by Samsung. Samsung patched the vulnerability in February 2022 as part of its ongoing Security Maintenance Release (SMR) process.

How to make sure your Samsung phone is up to date

To ensure your smartphone is running the latest version of Android, go to the Settings menu, then scroll down to Software update at the bottom of the menu. Tap Download and install, and your phone will check for an update. It'll tell you if your device is up to date.
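
For checking a device over USB, or a list of devices from an inventory, the script below is an added example and not code from this article, Samsung or Kryptowire. It assumes the February 2022 SMR corresponds to the Android patch-level string 2022-02-01 and that adb can read the standard build properties; the function names and status labels are made up for illustration.

```shell
#!/bin/sh
# Added example: classify a device against the facts stated in the article
# (Samsung, Android 9 through 12, fixed in the February 2022 SMR).
# Assumption: a patch level of 2022-02-01 or later means the fix is present.

FIXED_LEVEL="2022-02-01"   # assumed patch-level string for the February 2022 SMR

# classify MANUFACTURER ANDROID_RELEASE PATCH_LEVEL
# Prints one of: not-samsung, out-of-range, unknown-patch-level, exposed, patched
classify() {
    mfr=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
    major=${2%%.*}            # "12" from "12" or "12.1"
    level=$3

    [ "$mfr" = "samsung" ] || { echo "not-samsung"; return 0; }

    case "$major" in
        9|10|11|12) ;;
        *) echo "out-of-range"; return 0 ;;
    esac

    # Patch level must look like YYYY-MM-DD; anything else is not comparable.
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "unknown-patch-level"; return 0 ;;
    esac

    # Compare as integers after stripping the dashes (YYYYMMDD).
    have=$(printf '%s' "$level" | sed 's/-//g')
    need=$(printf '%s' "$FIXED_LEVEL" | sed 's/-//g')
    if [ "$have" -lt "$need" ]; then echo "exposed"; else echo "patched"; fi
}

# Read the three properties from a USB-connected device via adb (not run here).
classify_connected() {
    classify "$(adb shell getprop ro.product.manufacturer | tr -d '\r')" \
             "$(adb shell getprop ro.build.version.release | tr -d '\r')" \
             "$(adb shell getprop ro.build.version.security_patch | tr -d '\r')"
}

# Constructed sample inventory: manufacturer|release|patch level
while IFS='|' read -r m r p; do
    printf '%-8s Android %-3s %-11s -> %s\n' "$m" "$r" "$p" "$(classify "$m" "$r" "$p")"
done <<'EOF'
samsung|11|2021-12-01
samsung|12|2022-02-01
Samsung|10|
Google|12|2021-11-05
EOF
```

A result of `unknown-patch-level` means the property was empty or malformed, so the device should be checked by hand through the Settings menu.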


Mike Prospero
U.S. Editor-in-Chief, Tom's Guide
