New research disclosed a string of severe security vulnerabilities in Samsung’s Find My Mobile app. The flaw could have allowed remote attackers to track victims’ real-time location, monitor phone calls, and messages. The flaws work on unpatched Samsung Galaxy S7, S8, and S9+ devices, which were addressed by Samsung after flagging the exploit as a “high impact vulnerability” The flaw stems from the fact the app checks for the presence of a specific file on the device’s SD card in order to load a URL that can be used by a rogue app.
Source: https://thehackernews.com/2020/08/samsung-find-my-phone-hacking.html