Explorer

CERT-In Issues Caution Against Critical Flaw In These Samsung Phones

These security vulnerabilities may impact several Samsung handsets, including the flagship Galaxy S23 series.

Computer Emergency Response Team or CERT-In has issued a high-risk warning (CIVN-2023-0360) for Samsung Mobile users in India, highlighting critical security issues in Samsung phones running Android versions 11, 12, 13, and 14, the media has reported. The phones are susceptible to vulnerabilities that could enable an attacker to covertly access and retrieve data from your device.

The risk advisory indicates that these vulnerabilities may enable an attacker to circumvent security restrictions, gain access to sensitive information and execute arbitrary code on targeted systems. According to CERT-In, these security vulnerabilities have the potential to affect different components within the Samsung ecosystem.

Attackers could exploit these vulnerabilities to override security restrictions, obtain sensitive information and execute arbitrary code on targeted systems. The issues arise from diverse sources, including improper access control in Knox features, an integer overflow flaw in facial recognition software, authorisation issues with the AR Emoji app, and other factors.

A successful exploitation of these flaws by an attacker can result in severe consequences. According to an official statement, it "may enable an attacker to initiate heap overflow and stack-based buffer overflow, retrieve the device SIM PIN, broadcast with elevated privilege, read sandbox data of AR Emoji, bypass Knox Guard lock by altering system time, access arbitrary files, obtain sensitive information, execute arbitrary code, and compromise the targeted system".

Samsung Phones That Will Be Affected By The Flaw

These security vulnerabilities may impact several Samsung handsets, including the flagship Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5 and other Samsung devices running Android versions 11, 12, 13, and 14 OS. To perform the device update, navigate to your phone settings. Afterwards, follow these steps: About device > Software update > Download and install.

Menwhile, Apple's cybersecurity team recently met with CERT-IN to discuss the notification alerts sent to several notable iPhone users in India. Last month, Apple notified about "state-sponsored attackers attempting remote compromises" on iPhones belonging to certain opposition party leaders. This notification sparked concerns about potential state involvement in hacking their phones.

View More
Advertisement
Advertisement
25°C
New Delhi
Rain: 100mm
Humidity: 97%
Wind: WNW 47km/h
See Today's Weather
powered by
Accu Weather
Advertisement

Top Headlines

Another Body Recovered From Mohali Building Collapse Site, Death Toll Rises To 2; FIR Against Building Owners
Another Body Recovered From Mohali Building Collapse Site, Death Toll Rises To 2
Modi In Kuwait: PM Meets Emir, Attends Arabian Gulf Cup Opening Ceremony
Modi In Kuwait: PM Meets Emir, Attends Arabian Gulf Cup Opening Ceremony
India Will Do What's Right For National Interest Without Being Forced To Conform: Jaishankar
India Will Do What's Right For National Interest Without Being Forced To Conform: Jaishankar
India Condemns Christmas Market Attack In Germany, MEA Says ‘Mission In Contact With Injured Indians’
‘Horrific, Senseless’: MEA On German X-Mas Market Attack, Says Mission In Contact With Indians
Advertisement
ABP Premium

Videos

Congress Protest March Gains Momentum, ; Injured Protesters Shifted to Normal WardTragic Building Collapse in Mohali: Woman Killed, Many Trapped; Police File Homicide CasePM Modi’s Kuwait Visit: Day 2 Focuses on Security and Trade TalksVarun Jain Spills Beans On Hit Song From Stree 2, Arijit Singh's Reaction & Lot More

Photo Gallery

Embed widget