Indian Govt Issues High-risk Warning Against Samsung Galaxy S23, Calls for Urgent Software Update
The Indian government has issued a high-risk warning to Samsung mobile phone customers about various vulnerabilities. These vulnerabilities are dangerous, and users need to take proper precautions.
The Indian government’s Computer Emergency Response Team (CERT-In) has issued a high-risk warning for Samsung mobile phone users about several vulnerabilities. CERT-In Vulnerability Note CIVN-2023-0360 warns of major security problems in Samsung Mobile Android 11, 12, 13, and 14. The vulnerabilities are rated HIGH because of their impact and ease of exploitation. According to CERT-In, multiple vulnerabilities in Samsung products could allow attackers to bypass security constraints, access sensitive data, and execute arbitrary code on targeted systems. The advisory says these vulnerabilities affect many Samsung ecosystem components.
CERT-In says Samsung product vulnerabilities include:
- Access control issues in Knox.
- Integer overflow in facial recognition software.
- App authorization issues in AR Emoji.
- Improper error handling in Knox security software.
- Multiple memory corruption vulnerabilities in system components.
- Data size verification error in the softsimd library.
- User input validation error in the Smart-Clip app.
- Hijacking of contacts app interactions.
The security note states that exploiting the vulnerabilities “may allow an attacker to trigger a heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read AR Emoji sandbox data, bypass Knox Guard lock via changing system time, access arbitrary files, gain access to sensitive information, execute arbitrary code and compromise the targeted system.”
The latest vulnerabilities affect Samsung Mobile Android versions 11, 12, 13, and 14, putting the Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5, and other Samsung smartphones at risk.
Users should take these steps to reduce vulnerability risks:
- Security upgrades: Samsung’s official security advisory recommends applying security upgrades immediately. Go to Settings > Software update > Download and install to check for updates. Keep checking for updates and installing them to get the newest security patches. Until the update is installed, users should use impacted devices with caution, especially when engaging with untrusted sources or unknown apps.
- Keep apps updated: Attackers can exploit weaknesses in outdated apps. Check the Google Play Store for app updates to stay current.
- Install programs carefully: Users should install programs only from reliable sources like the Google Play Store. Avoid downloading programs from third-party websites, which may be dangerous.
- Be cautious when clicking links: Links in emails from unknown senders should not be clicked. These links may lead to phishing websites that steal personal information.