Samsung Galaxy owners, beware! Nasty flaw allowed hackers to wipe your phone's data

Samsung Galaxy S22 (Image credit: Laptop Mag/Sean Riley)

A newly disclosed vulnerability, tracked as CVE-2022-22292, allowed hackers, by way of an app already installed on the phone, to make phone calls, install and delete apps, weaken HTTPS protection by installing arbitrary root certificates, and trigger a factory reset (wiping all of your data) on Samsung phones.

Kryptowire, a mobile security and privacy solutions company, found the critical security flaw in Samsung devices running Android versions 9, 10, 11 and 12. Kryptowire disclosed its findings to Samsung in November 2021. Fortunately, the Korea-based tech giant patched the vulnerability in February 2022.

How this nasty Samsung flaw operated

CVE-2022-22292 lets any local app on a Samsung device, including a third-party app that the owner has granted no permissions at all, perform privileged system-level actions without the user's approval. With no user authorization required, hackers can exploit this vulnerability to wipe your data via a factory reset, remove or install apps, place phone calls (including to 911), and more.

“Ever think someone else has access to your phone? Unfortunately, you may be right,” said Kryptowire CTO Alex Lisle. “Mobile applications are becoming the primary point of personal and professional activity, representing an increasingly attractive target for bad actors.”

According to the Kryptowire report, the impacted Samsung devices (running Android versions 9 to 12) included the Samsung Galaxy S21 Ultra, the Galaxy S10+ and the Galaxy A10e. The report added that Kryptowire investigators tested a Galaxy S8 device running Android 8, but it wasn't vulnerable to CVE-2022-22292. 

How Samsung users can protect their devices

Kryptowire recommends that users initiate automated mobile security scanning regularly. "As points of vulnerability and associated threats increase, a proactive security posture represents the most reliable way to protect personal [...] data from bad actors," Kryptowire said in a press release.

The mobile security company warned that cybercriminals' hacking methods are becoming more sophisticated. As such, Kryptowire says app developers also share responsibility for ensuring that users are protected from malicious actors.

Fortunately, Samsung users who have installed the February 2022 update needn't worry about CVE-2022-22292. When Kryptowire notified Samsung about the flaw on Nov. 27, 2021, Samsung rated it High severity. As mentioned, the Korea-based tech giant patched the vulnerability in February 2022 as part of its monthly Security Maintenance Release process. To make sure you have the fix, go to Settings > Software update > Download and install, and tap "Install Now" if an update is available. A device whose security patch level reads February 2022 or later has received that release.
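For anyone checking a fleet of Samsung phones rather than one handset, the practical test is the device's reported security patch level. The script below is an added example written for this article, not Kryptowire's or Samsung's tooling; it assumes the fix landed in the February 2022 Security Maintenance Release (patch level 2022-02-01, as the article states) and that the device exposes its level in the standard Android property ro.build.version.security_patch. The sample inventory at the bottom is constructed, not real device data.

```shell
#!/bin/sh
# Added example: classify a Samsung/Android device as patched against
# CVE-2022-22292 by comparing its security patch level with the level of
# the February 2022 Security Maintenance Release (assumption: 2022-02-01).

FIX_LEVEL="2022-02-01"

# Compare two YYYY-MM-DD patch levels. Prints "yes" if $1 is at or after $2,
# "no" if it is earlier, and "invalid" if $1 is not a well-formed date.
patch_at_or_after() {
  a=$(printf '%s' "$1" | tr -d '-')
  b=$(printf '%s' "$2" | tr -d '-')
  case "$a" in
    [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
    *) echo "invalid"; return 2 ;;
  esac
  if [ "$a" -ge "$b" ]; then echo "yes"; else echo "no"; fi
}

# Read the patch level from a USB-connected device, if adb is installed.
# Returns non-zero (and prints nothing) when adb is unavailable.
device_patch_level() {
  command -v adb >/dev/null 2>&1 || return 1
  adb shell getprop ro.build.version.security_patch | tr -d '\r\n'
}

# Map one reported patch level to PATCHED / VULNERABLE / UNKNOWN.
classify() {
  level="$1"
  case "$(patch_at_or_after "$level" "$FIX_LEVEL")" in
    yes) echo "PATCHED" ;;
    no)  echo "VULNERABLE" ;;
    *)   echo "UNKNOWN" ;;
  esac
}

# Constructed sample inventory (model, reported patch level), not real devices.
SAMPLE="SM-G998B 2022-03-01
SM-G975F 2022-01-01
SM-A102U not-reported"

main() {
  # Live device first, when one is attached and adb is present.
  if level=$(device_patch_level); then
    printf 'connected device: %s -> %s\n' "$level" "$(classify "$level")"
  fi
  # Then the offline inventory.
  printf '%s\n' "$SAMPLE" | while read -r model level; do
    printf '%s %s -> %s\n' "$model" "$level" "$(classify "$level")"
  done
}

main
```

The comparison is deliberately strict about the date format: a missing or mangled property value comes back as UNKNOWN rather than silently passing as patched, which is the failure mode that matters when the script feeds a compliance report.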

Kimberly Gedeon
