
Indian govt warns Samsung users about major security risk; Know how to secure your phone

ISN Team

The Indian government, through the Computer Emergency Response Team of India (CERT-In), has issued a high-risk warning to users of Samsung Galaxy phones.

The alert, identified as CERT-In Vulnerability Note CIVN-2023-0360, points to critical security vulnerabilities in Samsung Mobile Android versions 11, 12, 13, and 14.

According to CERT-In, these severe vulnerabilities could allow attackers to bypass security measures, access sensitive information, and execute arbitrary code on targeted systems.


Nature of vulnerabilities

CERT-In's research reveals multiple vulnerabilities, including improper access control in Knox features, an integer overflow flaw in facial recognition software, authorization issues with the AR Emoji app, and incorrect handling of errors in Knox security software.

Additionally, there are multiple memory corruption vulnerabilities in various system components, incorrect data size verification in the softsimd library, unvalidated user input in the Smart Clip app, and hijacking of certain app interactions in contacts, it said.

What are the potential risks?

CERT-In said attackers might trigger a heap overflow and stack-based buffer overflow, access the device SIM PIN, send broadcasts with elevated privilege, read sandbox data of AR Emoji, bypass the Knox Guard lock by changing the system time, access arbitrary files, and compromise the targeted system.

The threat extends to various Samsung devices, including the Galaxy S23 series, Galaxy Z Flip5, Galaxy Z Fold5, and more.

How to secure your phone?

Samsung has released software patches to address these issues. Users are advised to:

  1. Apply Security Updates: Navigate to Settings > Software update > Download and install on your device to apply the latest security patches.
  2. Exercise Caution: Be vigilant, especially when interacting with untrusted sources or unknown applications.
  3. Update Apps Regularly: Ensure all apps are updated via the Google Play Store.
  4. Install Apps from Trusted Sources: Avoid downloading apps from third-party websites.
  5. Be Cautious with Links: Avoid clicking on links from unknown senders.
