Tuesday, July 23, 2024
Smartphone news

Samsung Phones High-risk: Government has ‘warning’ for Galaxy S23, other Samsung smartphone users


Computer Emergency Response Team (CERT-in), the nodal cybersecurity division of the government of India, has a warning for users Samsung smartphone users. CERT-In has issued a high-risk warning for users regarding multiple vulnerabilities, with Note CIVN-2023-0360, highlighting critical security issues in phones running Android versions 11, 12, 13 and 14.

Samsung’s flagship smartphone series, the Galaxy S23, has got the Android 14 update. The cybersecurity agency CERT-IN has said in a note that multiple vulnerabilities have been reported in Samsung products and these could allow an attacker to bypass implemented security restrictions, giving them access to sensitive information. They may also execute arbitrary code to compromise the targeted system.

The bugs may also allow hackers to successfully trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR Emoji, bypass Knox Guard lock via changing system time.

What is the cause of this vulnerability
Cert-In says that the vulnerabilities exist due to “improper access control flaw in KnoxCustomManagerService and SmartManagerCN component, integer overflow vulnerability in facepreprocessing library; improper authorization verification vulnerability in AR Emoji, improper exception management vulnerability in Knox Guard, various out of bounds write vulnerabilities in bootloader, HDCP in HAL, libIfaaca and libsavsac.so components, improper size check vulnerability in softsimd, improper input validation vulnerability in Smart Clip and implicit intent hijacking vulnerability in contacts.”

Samsung phones on high-risk security alert: How to protect
Users of Samsung smartphones are advised to install security updates as soon as possible. For future, users must patch their phones with security updates that are released by vendors periodically. In such cases, the companies are quick to issue patches to plug vulnerabilities.

Furthermore, if you haven’t patched your phone’s software, exercise caution when installing apps, clicking on links and visiting unknown websites.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.