CERT-In, the Computer Emergency Response Team of India, has issued a crucial nationwide alert to
Samsung smartphone users, stressing the need to update their devices promptly. The alert specifically
addresses security vulnerabilities identified in Samsung devices running on Android versions 11, 12, 13,
and 14.
These vulnerabilities could be exploited to gain unauthorised access to sensitive data stored on the
affected devices. Users should promptly update their Samsung smartphones to eliminate this security
threat.
CERT-In has classified the risk as high, emphasising the possibility of attackers exploiting these
vulnerabilities to bypass security protocols, gain access to a user’s confidential information, and execute
unauthorised code on targeted systems. The recognised vulnerabilities present a potential threat to
multiple components within the Samsung ecosystem.
POTENTIAL THREATS AS MENTIONED IN ADVISORY
The examination conducted by the government's cybersecurity team reveals a range of issues, including
inadequate access control in Knox features, integer overflow vulnerabilities in facial recognition
software, authorisation issues with the AR Emoji, mishandling of errors in Knox security software, and
several memory corruption vulnerabilities in diverse system components.
Furthermore, the identified vulnerabilities include incorrect data size verification in the
Soft IMD library, unvalidated user input in the Smart Clip app, and hijacking of specific app interactions
in the user’s contacts.
If an attacker successfully exploits these vulnerabilities, the ramifications could be severe. The
official statement lists potential outcomes, including triggering heap overflow and stack-based buffer
overflow, obtaining the device SIM PIN, broadcasting with elevated privilege, reading sandbox data of
AR Emoji, bypassing Knox Guard lock by altering system time, accessing arbitrary files, gaining entry to
sensitive information, executing arbitrary code, and compromising the targeted system.
The affected Android versions on Samsung mobile devices are 11, 12, 13, and 14. Samsung Galaxy S23
series, Samsung Galaxy Z Flip 5, Samsung Galaxy Z Fold 5, and others are mentioned as vulnerable
devices.
STEPS TO STAY SAFE
To mitigate risks linked to these vulnerabilities, users are strongly encouraged to implement the
following precautions:
Promptly install security updates.
Ensure apps are kept up to date.
Exercise caution during the installation of new apps.
Be vigilant when clicking on links.
This urgent advisory is aimed at safeguarding Samsung users from potential security threats. It
reinforces the importance of taking proactive measures to secure their devices.