Be the first, order the brand new Galaxy S24 FE, Galaxy Tab S10 Ultra, order the KING Galaxy S24 Ultra!

SamMobile has affiliate and sponsored partnerships. If you buy something through one of these links, we may earn a commission.

News For You
News For You
Notifications

Galaxy S23 and rival Xiaomi 13 Pro get hacked live

Phone
By 

Last updated: October 25th, 2023 at 11:37 UTC+02:00

The Galaxy S23 may be one of the most secure Android phones, but it is not impermeable. No smartphone is, regardless of who manufactures it. The Zero Day Initiative's ongoing Pwn2Own event in Toronto highlights that consumer electronics are always susceptible to attacks, and smartphones from both Samsung and Xiaomi were the focus of some newly discovered zero-days.

A zero-day is a vulnerability in a computer system that was previously unknown to its developers or anyone capable of mitigating it (via Wikipedia). Through its Pwn2Own event, the Zero Day Initiative encourages security researchers to report zero-day vulnerabilities privately to vendors. Cash rewards are at stake.

On the first day of the ongoing Pwn2Own 2023 Toronto event, researchers were able to exploit two zero-days affecting the Galaxy S23 and two zero-days on the Xiaomi 13 Pro. Once again, these exploits were previously unknown to Samsung, Google (and Xiaomi), or anyone able to patch them.

Story continues after the video

$75,000 awarded for discovering two Galaxy S23 zero-days

According to the Zero Day Initiative blog, Star Labs SG was able to exploit a permissive list of allowed input against the Galaxy S23. For discovering and demonstrating this zero-day, they earned $25,000 and 5 Master of Pwn points.

The bigger prize of $50,000 and 5 Master of Pwn points went to Pentest Limited for executing an Improper Input Validation on the Galaxy S23.

These newly-discovered vulnerabilities will likely be addressed with future security patches, and the exploit methods kept in secrecy untile then.

Security researchers have also found zero-days in the Xiaomi 13 Pro. Team Viettel earned $40,000 for executing a single-bug attack against the Xiaomi 13 Pro, and NCC Group earned $20,000 by demonstrating a zero-day on the same device.

All of this happened on the first day of the Pwn2Own 2023 Toronto event. There is a high probability that even more zero-days will be demonstrated before the event ends on October 27. We'll keep you posted.

Phone Galaxy S23Galaxy S23 PlusGalaxy S23 UltraXiaomi Buy now!
Scroll for more related content
News For You

You might also like

Galaxy S23, S23+, and S23 Ultra get October 2024 security update

Galaxy S23, S23+, and S23 Ultra get October 2024 security update

Samsung is rolling out a new software update to the Galaxy S23, Galaxy S23+, and Galaxy S23 Ultra. This update contains the October 2024 security patch for Galaxy smartphones and tablets, which fixes 30+ security vulnerabilities in Android and Samsung's One UI. The first market to get the Galaxy S23 series' October 2024 update is […]

  • By Abhijeet Mishra
  • 15 hours ago
Samsung improves global tablet shipments as market grows

Samsung improves global tablet shipments as market grows

New data from market watchers says Samsung maintained its position in the global tablet market, but the company improved year-on-year sales significantly. In fact, according to data from Counterpoint Research, every major tablet brand improved their year-on-year shipments in Q2 2024 compared to a year ago. The tablet market appears to be in a healthy […]

  • By Mihai Matei
  • 5 days ago
One UI 7.0 beta program will be available for both developers and users

One UI 7.0 beta program will be available for both developers and users

The One UI 7.0 beta program will be available for both developers and regular users. This was always expected, but Samsung fans were a little concerned when the company only confirmed the beta for developers following the first official One UI 7.0 teaser at the Samsung developer conference (SDC24) last week. That isn't the case, […]

  • By Abhijeet Mishra
  • 6 days ago
Samsung monthly updates: October 2024 security patch details are out

Samsung monthly updates: October 2024 security patch details are out

Hot on the heels of the first official One UI 7.0 teaser, Samsung has detailed the latest security patch for Galaxy smartphones and tablets. The October security patch brings fewer fixes than the previous few patches that preceded it. The October 2024 patch fixes 30 security flaws in the Android operating system and 12 that […]

  • By Abhijeet Mishra
  • 7 days ago
Galaxy S23 series gets first post-One UI 6.1.1 update in USA

Galaxy S23 series gets first post-One UI 6.1.1 update in USA

A few weeks ago, Samsung released the One UI 6.1.1 update for the Galaxy S23 series. Now, the first software update after One UI 6.1.1 is being rolled out to Galaxy S23 series units in the USA. It is the September 2024 security update that improves the security. Galaxy S23 gets updated with September 2024 […]

  • By Asif Iqbal Shaik
  • 1 week ago
Xiaomi beat Apple in August but couldn’t touch Samsung

Xiaomi beat Apple in August but couldn’t touch Samsung

Samsung and Apple have exchanged leadership over the global smartphone market for the past few years, every few months or so, without any other OEMs getting in the way. However, Xiaomi came out of the left field in August and, taking advantage of Apple's temporary decline, snatched its place. In August, Xiaomi became the 2nd […]

  • By Mihai Matei
  • 4 weeks ago