Skip to content

2025

Plaintext Storage of WiFi Credentials - Samsung Cloud Sync

This was my report to Samsung Security team 2023.11.07 03:55 AM (GMT +2)

I am writing to report a security vulnerability I have discovered in the Samsung Cloud synchronization process for WiFi credentials on Samsung devices. This issue concerns the exposure of sensitive information, which I believe warrants immediate attention.

This is not device specific but it happens because of the application and should therefore happen on all devices

Vulnerability Details:

  • Summary: Samsung Cloud syncs WiFi passwords in plaintext, which are then stored on the device and can be accessed by any individual or process with root access.
  • Affected Service: Samsung Cloud WiFi Profile Synchronization.
  • Affected Devices: Samsung devices running on Android 13 (further testing on other versions required).
  • Impact: Potential for unauthorized access to WiFi credentials if root access is obtained by a malicious actor.

How I Restored a Macbook Air - Apple M2 2023 14.9

A friend of mine accidentally wiped all partitions on his Macbook Air including the ones that shouldn't be removed (don’t ask me how this was done). As a result, the device became unbootable and was stuck on the Contact Apple Support logo screen. Since there was no Apple Store nearby, he asked me for help.

Although I had never owned a Mac or worked extensively with Apple devices, I decided to take on the challenge. Surprisingly, the solution turned out to be fairly simple. In this blog post, I'll walk you through exactly what I did, so I have a reference for the future and hopefully, it helps others in a similar situation.