Government issues security advisory for Samsung phones: What it means

By Dwaipayan Roy, 12:01 pm, Dec 15, 2023

Hackers can exploit improper access control in Knox facilities

The Indian Computer Emergency Response Team (CERT-In) has sounded the alarm for Samsung mobile users. It has warned of high-risk security vulnerabilities in Android 11, 12, 13, and 14. Devices like the Galaxy Flip 5, Galaxy S23 series, Galaxy Fold 5, and others running these Android versions are at risk. Hackers could exploit these vulnerabilities to bypass security measures and access sensitive information on users' phones.

Vulnerabilities and risks

CERT-In discovered issues such as improper access control in Knox facilities, problems with facial recognition software, and authorization issues in the AR Emoji app. These flaws could enable hackers to "trigger heap overflow and stack-based buffer overflow," as per the government agency. Attackers might also gain access to users' SIM PINs, send broadcasts, access AR Emoji app data, as well as obtain other sensitive information from their phones.

What is the solution?

To protect against these vulnerabilities, CERT-In recommends that Samsung phone users apply the necessary security updates as advised by the manufacturer. This week, CERT-In also identified multiple vulnerabilities in browsers like Google Chrome for desktops and Microsoft Edge (Chromium-based). The Chrome versions facing security risks were 120.0.6099.62/63 for Windows and 120.0.6099.62 for Mac/Linux.

Nearly 1.4 lakh cybersecurity issues clocked in 2022

In 2022 alone, CERT-In dealt with over 1.39 lakh cybersecurity issues, highlighting the increasing number of cyber threats faced by India. They included ransomware, malware, phishing, data breaches, and distributed denial-of-service attacks.