logo Sun, Jan 28, 2024

Samsung phones on high-risk security alert. What government advisory means for users

Samsung phones on high-risk security alert. What government advisory means for users
Samsung phones on high-risk security alert. What government advisory means for users

ITDC INIDA EPRESS/ ITDC NEWS: The Indian Computer Emergency Response Team (CERT-In), the country’s nodal agency to deal with cybersecurity threats, has issued a high-risk security alert for four versions of Samsung phones, saying multiple vulnerabilities have been reported in these, potentially allowing hackers to bypass the security restrictions and access sensitive information.

The affected software includes Samsung mobile Android versions 11, 12, 13 and 14. The vulnerabilities impact various Samsung devices, such as the Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5 and other Samsung devices running Android versions 11, 12, 13 and 14.

These Samsung phones have security problems because of issues like improper access control in Knox features, issues in the facial recognition software, authorisation problems in the AR Emoji app, among other issues, CERT-In said in the advisory issued on Tuesday.

These vulnerabilities can allow hackers to “trigger heap overflow and stack-based buffer overflow”, the government agency said. Attackers can also access the user’s SIM PIN, send broadcast, access the AR Emoji app data and access several other sensitive information in the user’s phone, CERT-In said.

What is the solution?

Samsung phone users of 11, 12, 13 and 1`4 versions should apply the appropriate security updates as mentioned by the phone manufacturer in its advisory, CERT-In said.

This week, CERT-In has flagged multiple vulnerabilities in browsers such as Google Chrome for desktop, Microsoft Edge (Chromium-based) as well as Schneider Electric and Microsoft products.

The Chrome versions with security risks are those prior to 120.0.6099.62 for Linux and Mac and those prior to 120.0.6099.62/.63 for Windows.

In 2022, CERT-In tackled over 1.39 lakh cybersecurity incidents in 2022, highlighting the vast number of cyber attacks the country faces in terms of malware, phishing, distributed denial of service, ransomware attacks and data breaches.

 

Recent Comments

    No Comments Found...

Leave Comments

Enter Captcha Code

19343
Top