The Indian government has issued a high-risk warning to Samsung mobile phone users concerning multiple vulnerabilities. These vulnerabilities pose significant threats, and users are strongly advised to take protective measures.
In a significant development, the Computer Emergency Response Team of India (CERT-In), acting on behalf of the Indian government, has issued a high-risk warning for users of Samsung mobile phones. The advisory, labeled CERT-In Vulnerability Note CIVN-2023-0360, underscores critical security concerns affecting Samsung Mobile Android versions 11, 12, 13, and 14. The vulnerabilities identified are deemed high-risk due to their potential impact and ease of exploitation.
Researchers from CERT-In have pinpointed multiple vulnerabilities within Samsung products that pose significant threats. These vulnerabilities could potentially enable attackers to bypass security measures, gain unauthorised access to sensitive information, and execute arbitrary code on targeted systems. The diverse range of vulnerabilities impacts various components of the Samsung ecosystem, as outlined in the CERT-In advisory. The identified vulnerabilities stem from issues such as improper access control in Knox features, an integer overflow flaw in facial recognition software, authorisation issues with the AR Emoji app, incorrect handling of errors in Knox security software, multiple memory corruption vulnerabilities in various system components, incorrect data size verification in the soft simd library, unvalidated user input in the Smart Clip app, and hijacking of certain app interactions in contacts.
The risks associated with these vulnerabilities are severe and could lead to a range of consequences. This includes triggering heap overflow and stack-based buffer overflow, accessing the device SIM PIN, sending broadcasts with elevated privileges, reading sandbox data of AR Emoji, bypassing Knox Guard lock via changing system time, accessing arbitrary files, gaining access to sensitive information, executing arbitrary code, and compromising the targeted system.
The impacted Samsung Mobile Android versions include 11, 12, 13, and 14, potentially putting a wide range of Samsung devices at risk, including popular models like the Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5, and others.
To mitigate the risks associated with these vulnerabilities, CERT-In has issued the following recommendations for users:
1. Apply Security Updates: Users are strongly advised to promptly apply security updates provided by Samsung in their official security advisory. This can be done by going to Settings > Software update > Download and install on the device. Regularly checking for updates and installing them ensures the application of the latest security patches.
2. Exercise Caution: Until the update is applied, users are advised to exercise caution while using the affected devices, particularly when interacting with untrusted sources or unknown applications.
3. Keep Apps Up to Date: Outdated apps can also pose security risks. Users should ensure all apps are up to date by checking for updates in the Google Play Store.
4. Be Careful with App Installations: Users are cautioned to only install apps from trusted sources, such as the Google Play Store, and to avoid downloading apps from third-party websites that may be malicious.
5. Exercise Caution with Links: Clicking on links in emails or messages from unknown senders is discouraged, as these links could lead to phishing websites designed to steal personal information.
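Recommendation 1 amounts to a single check on the defender's side: is the device's Android security patch level at or beyond the level in which Samsung shipped the fixes? The following POSIX shell script is an added example and is not part of the CERT-In advisory or Samsung's bulletin. It reads the standard Android property ro.build.version.security_patch (a YYYY-MM-DD string) from a connected device over adb, and it can also evaluate an inventory of serial/patch-level pairs exported from device management. The required patch level (REQUIRED_PATCH_LEVEL) is an assumed placeholder, because the article gives no patch date; take the real value from Samsung's security advisory. The inventory lines are constructed sample data.

```shell
#!/bin/sh
# Added example: verify Android security patch levels against a minimum date.
# Not from the CERT-In advisory or Samsung; the required level below is an
# assumed placeholder, to be replaced with the date in Samsung's bulletin.

REQUIRED_PATCH_LEVEL="2023-12-01"   # ASSUMED placeholder, not from the page

# patch_level_ok DEVICE_LEVEL REQUIRED_LEVEL
# Returns 0 when DEVICE_LEVEL (YYYY-MM-DD) is at or after REQUIRED_LEVEL,
# 1 when it is older, 2 when the value is malformed (treated as not patched).
patch_level_ok() {
    device_level="$1"
    required_level="$2"
    case "$device_level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 2 ;;
    esac
    # Strip the hyphens so the dates compare as integers (20231201 >= 20231101).
    dl=$(printf '%s' "$device_level" | tr -d '-')
    rl=$(printf '%s' "$required_level" | tr -d '-')
    [ "$dl" -ge "$rl" ]
}

# device_patch_level [SERIAL]
# Reads the patch level from a connected device with USB debugging enabled.
# ro.build.version.security_patch is the standard Android property for this.
device_patch_level() {
    if [ -n "$1" ]; then
        adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r\n'
    else
        adb shell getprop ro.build.version.security_patch | tr -d '\r\n'
    fi
}

# report_outdated REQUIRED_LEVEL INVENTORY
# INVENTORY holds one "serial patch_level" pair per line (for example an MDM
# export). Prints each device below REQUIRED_LEVEL and returns their count.
report_outdated() {
    required_level="$1"
    inventory="$2"
    count=0
    while read -r serial level; do
        [ -n "$serial" ] || continue
        if ! patch_level_ok "$level" "$required_level"; then
            printf 'OUTDATED %s (patch level: %s)\n' "$serial" "${level:-unknown}"
            count=$((count + 1))
        fi
    done <<EOF
$inventory
EOF
    return "$count"
}

# Constructed sample inventory: one current device, one behind, one with an
# unreadable value (a device that never reported its patch level).
SAMPLE_INVENTORY='R58N1234ABC 2023-12-01
R58N5678DEF 2023-10-01
R58N9012GHI unknown'

report_outdated "$REQUIRED_PATCH_LEVEL" "$SAMPLE_INVENTORY"
echo "non-compliant devices: $?"
```

A malformed or missing patch level is deliberately counted as non-compliant rather than skipped: a device that cannot report its level is the one most worth a manual look. For a single phone in hand, `patch_level_ok "$(device_patch_level)" "$REQUIRED_PATCH_LEVEL"` performs the same check directly.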
As the cybersecurity landscape evolves, timely application of security measures is crucial to safeguarding digital assets and personal information. By adhering to these recommendations, Samsung mobile users can enhance their device’s resilience against potential threats arising from these identified vulnerabilities.