Centre warns Samsung phone users of major security threats

The Indian Computer Emergency Response Team (CERT-In) released a security advisory on Wednesday highlighting multiple vulnerabilities impacting various models of Samsung Galaxy phones.

These vulnerabilities have been categorized as high-risk, emphasizing the critical importance for Samsung users to promptly update their phone operating systems.

According to the report, Samsung Mobile Android versions 11, 12, 13, and 14 are susceptible to potential security threats.

The attackers can bypass implemented security restrictions, access sensitive information and execute arbitrary code on the targeted system in the Samsung mobiles of the specified versions.

“These vulnerabilities exist due to improper access control flaw in KnoxCustomManagerService and SmartManagerCN component, integer overflow vulnerability in facepreprocessing library; improper authorization verification vulnerability in AR Emoji, improper exception management vulnerability in Knox Guard, various out of bounds write vulnerabilities in bootloader, HDCP in HAL, libIfaaCa and libsavsac.so components, improper size check vulnerability in softsimd, improper input validation vulnerability in Smart Clip and implicit intent hijacking vulnerability in contacts,” the agency said.

Attackers can take advantage of these vulnerabilities and harm the users by causing a heap overflow or a stack-based buffer overflow.

This might let them get into the device's SIM PIN, send broadcasts with more power, read the sandbox data of AR Emoji, get around the Knox Guard lock by changing the system time, access any files they want, find sensitive information, run any code they want, and take control of the targeted system.