“Once you have the existing vulnerability this one overcomes all of Samsung's protection mechanisms and gives you complete control of the device,” the researchers explained to Wired, adding that they were able to avoid all protections and had the ability to execute their own code. Samsung may have patched the existing CVE-2015-1805 kernel vulnerability that this exploit relied upon but researchers are of the view that older devices that have not yet been updated could still remain at risk. This is precisely why a spokesperson for Samsung encouraged customers to always ensure that the software on their devices is regularly updated while reiterating that this exploit has already been fixed by the company in a security update sent out earlier this year.
