A security vulnerability has been identified on Samsung Galaxy S21 devices that could allow threat actors to execute arbitrary code with root privileges.
The vulnerability arises from improper sanitization of user-supplied data in the Galaxy Store. As a result, a remote threat actor can create a legitimate-looking link that, when clicked, will redirect the target to a malicious domain and allow code execution with elevated privileges on affected devices. Exploiting this vulnerability requires user interaction.
The security vulnerability, which is considered of high severity, has been fixed with the updates released by Samsung. To not be affected by this vulnerability, it is recommended to apply the published updates immediately.