When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.
The Exynos W920 is primarily used in wearable devices like Samsung’s Galaxy Watch series.
“This 0-day exploit is part of an EoP chain,” TAG said in its technical write-up.
“The actor is able to execute arbitrary code in a privileged cameraserver process.
The exploit also renamed the process name itself to ‘vendor.samsung.hardware.camera.provider@3.0-service,’ probably for anti-forensic purposes.”
There was no mention of other vulnerabilities exploited as part of the chain.
Googles researchers did not discuss the identity of the miscreants abusing this flaw.
