CERT-In Warns Samsung Users of Critical Security Threats

CERT-In, the Computer Emergency Response Team of India, has issued a crucial nationwide alert to

Samsung smartphone users, stressing the need to update their devices promptly. The alert specifically

addresses security vulnerabilities identified in Samsung devices running on Android versions 11, 12, 13,

and 14.

These vulnerabilities are liable to be exploited and could potentially enable unauthorised access to

sensitive data stored on the affected devices. It is imperative for users to promptly update their

Samsung smartphones to obliterate this security threat.

CERT-In has classified the risk as high, emphasising the possibility of attackers exploiting these

vulnerabilities to bypass security protocols, gain access to a user’s confidential information, and execute

unauthorised code on targeted systems. The recognised vulnerabilities present a potential threat to

multiple components within the Samsung ecosystem.

The comprehensive examination conducted by the government's cybersecurity team unveils various

potential issues that include a whole list like inadequate access control in Knox features, integer

overflow vulnerabilities in facial recognition software, authorisation issues with the AR Emoji,

mishandling of errors in Knox security software, and several memory corruption vulnerabilities in diverse

system components.

Furthermore, the identified vulnerabilities dwell on concerns as incorrect data size verification in the

Soft IMD library, unvalidated user input in the Smart Clip app, and hijacking of specific app interactions

in the user’s contacts.

If an attacker successfully manoeuvres these vulnerabilities, the ramifications could be severe. The

official statement lists potential outcomes, including triggering heap overflow and stack-based buffer

overflow, obtaining the device SIM PIN, broadcasting with elevated privilege, reading sandbox data of

AR Emoji, bypassing Knox Guard lock by altering system time, accessing arbitrary files, gaining entry to

sensitive information, executing arbitrary code, and compromising the targeted system.

The impacted Samsung Android mobile versions comprise 11, 12, 13, and 14. Samsung Galaxy S23

series, Samsung Galaxy Z Flip 5, Samsung Galaxy Z Fold 5, and others are mentioned as vulnerable

devices.

To mitigate risks linked to these vulnerabilities, users are strongly encouraged to implement the

following precautions:

 Promptly install security updates.

 Ensure apps are kept up to date.

 Exercise caution during the installation of new apps.

 Be vigilant when clicking on links.

This urgent advisory is aimed at safeguarding Samsung users from potential security threats. It

reinforces the significance of taking proactive measures to secure the devices.

FOR MORE NEWS FOLLOW