The alert pointed out critical security issues affecting Samsung Mobile Android versions 11, 12, 13 and 14.
The Indian government’s security advisory from the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology has issued a warning against multiple vulnerabilities in Samsung phones on December 13. The alert pointed out critical security issues affecting Samsung Mobile Android versions 11, 12, 13 and 14.
Government issues warning
Meanwhile, India's CERT-In department, responsible for addressing cybersecurity issues, issued a high-risk warning to notify Samsung Galaxy phone users about potential security threats to their data. The advisory emphasizes the urgency of updating the operating system (OS) and firmware to minimize these risks.
CERT-In has published Vulnerability notes on its website (13-12-2023)
— CERT-In (@IndianCERT) December 14, 2023
CIVN-2023-0361 - Multiple Vulnerabilities in Google Chrome for Desktop
CIVN-2023-0360 - Multiple Vulnerabilities in Samsung Products
Details are available on CERT-In website (https://t.co/EfuWZNuFJC)
According to CERT-In, the identified vulnerabilities in Samsung products stem from issues such as:
— Abhishek Singh (@AbhishekMarkets) December 14, 2023
1. Improper access control in Knox features.
2. Integer overflow flaw in facial recognition software.
3. Authorisation issues with the AR Emoji app.
4. Incorrect handling of… pic.twitter.com/R5yfDcPflq
Several vulnerabilities have been identified in Samsung Mobile Android versions 11, 12, 13, and 14. One notable vulnerability allows attackers to exploit the system, potentially leading to information theft, code execution, and device compromise.
CERT-In explicitly mentioned that users who neglect to update their devices expose themselves to increased hacking threats. While Samsung has released patches to address these vulnerabilities, it is crucial for users, like Ankita and others who encountered issues, to prioritize updates to protect their devices from potential data breaches.
For the unversed, cyberattack refers to attempts to steal, expose, alter, disable or destroy information through unauthorized access to computer systems, cellphones, laptops, and tabs.
Attention Samsung users 🚨
— Anshu (@AnshuTechblog) December 15, 2023
A High-Risk warning is issued by the government, please update your phone's software ASAP. pic.twitter.com/0yoaKrelA9
"I gazed at my phone in utter disbelief. The screen mocked me with a disheartening message: "Incorrect PIN." I was certain about my PIN, which I had committed to memory and never changed. In a desperate attempt, I even resorted to using the fingerprint sensor, but to no avail" says Ankita, a regular Samsung Galaxy phone user who was locked out of her phone today morning.
"The question stayed: How could someone alter my phone's PIN without my knowledge? My phone housed lots of personal information, including messages and photos, making it important that unauthorized access be prevented. As a sense of urgency prevailed, I went online and checked the social media" said Ankita.
"As I scoured online forums for guidance, a shiver ran down my spine. Reports of similar incidents began surfacing, suggesting a burgeoning cyber threat. It appeared that a new breed of hackers was infiltrating phones, manipulating PINs, and depriving users of access to their own devices".