A critical vulnerability has been discovered in Samsung mobile phones, which requires no user interaction, and impacts Samsung mobile phones running Android version 4.4.4 or later (which is in phones sold from 2014 onward). This vulnerability has been patched and users are advised to update now. If exploited, this vulnerability could allow a malicious actor to gain access to the Samsung Messenger application and all associated permissions and privileges, including call logs, SMS, storage, and the device microphone.
This bug is tracked as CVE-2020-8899 in the Mitre CVE database, and has been given a vulnerability score of 10 (critical).