Govt Warns: Samsung Phones at Risk, Update Now

A high-risk warning for Samsung Mobile customers has been released by the Indian government’s Computer Emergency Response Team (CERT-In), and it is known as CERT-In Vulnerability Note CIVN-2023-0360. The alert highlights important security flaws that affect Samsung Mobile Android versions 11, 12, 13, and 14. These flaws may provide attackers access to private data, allow them to circumvent security measures, and let them run arbitrary code on the systems they’re targeting.

A number of problems cause these flaws, including inappropriate access control in Knox features, a face recognition software fault involving an integer overflow, problems with the AR Emoji app’s authorization, and more. By taking advantage of these flaws, confidential data kept on the impact of the devices may become accessible without authorization. Users must apply updates for Samsung cell phones as soon as possible to reduce this risk. CERT-In highlights the possibility of attackers bypassing security measures by listing several vulnerabilities in Samsung goods.

By taking advantage of these vulnerabilities, malicious actors may be able to compromise the targeted system by gaining unauthorized access to confidential data and potentially executing foreign code.

Important to note, the Samsung phones affected are using Android versions 11, 12, 13, and 14. This includes popular models like the Samsung Galaxy S23 series

CERT-In warns that there may be issues within Samsung products.

• Improper handling of Knox Securities software bugs
• Knox Features’ improper access control
• Facial recognition software has an integer overflow bug.
• The AR emoji app is having authorization problems.
• There are several vulnerabilities for memory corruption in different parts of the system.
• The softsim library contents and incorrect data verification
• Incorrect user input in the Smart Clip application
• Unauthorised use of specific app interactions within contacts

Samsung smartphone users should upgrade their firmware immediately. It is imperative that consumers maintain constant watchfulness and upgrade their phones with the latest releases from the providers. Furthermore, use caution when opening links, installing applications, and accessing unidentified websites, especially if the software on your phone hasn’t been updated.

Also, an extremely severe rating has been provided by the CERT-In alert, which may worry those who use Chrome on their machines. The notice alerts users to the fact that many vulnerabilities in Google Chrome have been found that might allow attackers to run arbitrary code and get personal data by taking users to visit websites that are particularly targeted.

Thanks to “NDTV“