Table of contents
The Computer Emergency Response Team of India (CERT-In) has issued a high-risk warning to Samsung mobile phone users in India due to the discovery of various vulnerabilities. This alert, titled ‘CERT-In Vulnerability Note CIVN-2023-0360,’ highlights significant security problems affecting Samsung Mobile devices running Android versions 11, 12, 13, and 14.
Source: 1
Source: 2
These vulnerabilities are rated ‘HIGH’ owing to their potential impact and ease of exploitation. Moreover, CERT-In researchers discovered and outlined various vulnerabilities even in Samsung devices that pose potential risks of exploitation.
The vulnerabilities can impact on several components of Samsung devices, providing dangers such as bypassing security limitations, unauthorized access to sensitive information, and arbitrary code execution on targeted computers.
Source: 3
The vulnerabilities discovered by CERT-In cover a wide range of concerns in Samsung devices, including:
- Improper Access Control: This vulnerability is caused by insufficient access control in Knox features, which is a critical security component.
- Integer Overflow weakness: A weakness in facial recognition software related to integer overflow poses a possible hazard.
- Authorization flaws: There are authorization flaws with the AR Emoji app, which could compromise user data.
- Error Handling: Errors in error handling inside Knox security software may result in security failures.
- Multiple Memory Corruption Vulnerabilities: Multiple memory corruption vulnerabilities exist in various system components.
- Vulnerability: More specifically caused by incorrect data size verification in the Softsimd Library.
- Unvalidated User Input: Unvalidated user input in the Smart Clip app also poses a security risk.
- Hijacking of Specific App Interactions in Contacts: Certain app interactions in contacts are vulnerable to hijacking, which could lead to illegal access to sensitive information and consume other users as well.
These vulnerabilities could have serious effects if successfully exploited by attackers. The attacker might cause heap and stack-based buffer overflows, gain access to the device SIM PIN, execute arbitrary code, compromise the targeted system, and more.
A wide range of Samsung smartphones, most notably the Galaxy S23 series, Galaxy Z Flip 5, Galaxy Z Fold 5, and others running Android versions 11, 12, 13, and 14, can be compromised.
Users are strongly encouraged to update their devices as soon as possible to avoid any hazards. To do so, go to phone settings, then "About device," then "Software update," and then "Download and install."
Users are advised to be cautious until the update is released, particularly when engaging with untrusted sources or unknown programs. Other safeguards include updating all programs via the Google Play Store, installing apps only from authorized sources, and avoiding clicking on links from unknown senders.
Users should apply Samsung-released security patches regularly, use caution when engaging with apps and links, and avoid accessing unexpected websites for continuing protection.
These steps, taken together can contribute to the security and integrity of Samsung devices, shielding you from potential vulnerabilities.
