View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 5, 2015

Security flaws found on Samsung’s Galaxy S6 Edge, says Google

News: Researchers found numerous vulnerabilities on the popular phone

By Charlotte Henry

Samsung’s high-end device, the Galaxy S6 Edge, has been exposed as having a number of vulnerabilities, which researchers say are "trivially exploitable."

A team at Google’s Zero Day Project attacked the device, finding 11 vulnerabilities within the popular phone, and alerted Samsung.

Most worryingly, a "directory traversal bug" allowed the team to get into the phone, and change files on the system.

Another vulnerability allowed emails to be forwarded to another account, while another means that a downloaded image can be used to escalate priviliges in the Samsung Gallery app or the media scanning process.

Issues were found with the drivers, including a bug that meant that "memory corruption in a driver that could be used to escalate from any unprivileged application or code execution to kernel."

Many of the vulnerabilities were fixed in October’s update from Samsung, with others to be done in November.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.