Just unrestricted an issue that shows a fun new attack surface. Android RCS locally transcribes incoming media, making vulnerabilities audio codecs now fully-remote. This bug in an obscure Samsung S24 codec is 0-click
Can you find an ITW 0-day from crash logs? Project Zero finds out
Wanna chat? Come by the Meet-up area in the Business Hall at 3 pm today.
Greeting not required
Looking forward to sharing what I’ve learned from 10 years of Project Zero at Black Hat tomorrow
11:20, Oceanside A
See you there!