Researchers have disclosed a high-severity issue that could allow attackers to hijack the Google Camera App, the built-in smartphone camera for Android phones. The issue was fixed for Google-manufactured phones in July but Google said patches are still rolling out to smartphones in the broader Android ecosystem, including Samsung phones. Researchers found that when a third-party application requests storage permissions from an Android phone user, it is able to access the camera, record video and access geolocation data embedded in stored photos.
Source: https://threatpost.com/google-android-camera-hijack-hack/150409/