The Indian Computer Emergency Response Team (Cert-In), the Center's official agency for cyber security, has released a high-risk alert for Samsung cellphones, highlighting several vulnerabilities and stressing the necessity of immediate operating system updates. The advisory draws attention to security issues and claims that there are flaws in the phones that might let an attacker snoop and access data without the user's awareness.
Govt ssues Warning For Some Samsung Phones, Advises Urgent Update
%20(1).jpg "Govt ssues Warning For Some Samsung Phones, Advises Urgent Update") |
| Govt ssues Warning For Some Samsung Phones, Advises Urgent Update |
The Cert-In alert released this week stated that "multiple vulnerabilities have been reported in Samsung products which could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system."
The statement indicated that Samsung phones running Android versions 11 and higher may be impacted by these vulnerability problems.
The detailed statement stated, "These vulnerabilities are caused by an improper size check vulnerability in softsimd, an improper input validation vulnerability in Smart-Clip, an improper size check vulnerability in HAL, an improper size check vulnerability in HDCP, an integer overflow vulnerability in the face preprocessing library, an improper authorization verification vulnerability in AR emoji, an improper exception management vulnerability in Knox Guard, and various out of bounds write vulnerabilities in the bootloader, HDCP in HAL, libIfaaCa, and libsavsac.so components.
According to the agency, these vulnerabilities could be exploited to cause heap overflows and stack-based buffer overflows, allow an attacker to access device SIM PINs, send broadcasts with elevated privileges, read AR Emoji sandbox data, circumvent Knox Guard locks by altering system times, access arbitrary files, obtain sensitive data, run arbitrary code, and compromise the targeted system. Amazon
Users are encouraged by Cert-In to deploy the relevant security patches that Samsung has published in order to shield their devices from danger.
In the meantime, a maintenance release is being rolled out by Samsung Mobile as part of their December 2023 security upgrade.
As part of the monthly Security Maintenance Release (SMR) procedure, Samsung Mobile is releasing a maintenance release for its main flagship models. Google and Samsung patches are included in this SMR package," the South Korean smartphone manufacturer stated on its website.
The Ministry of Electronics and Information Technology's national nodal agency, Cert-In, is in charge of responding to computer security events as soon as they happen.
A high-severity warning about "multiple vulnerabilities" in the Google Chrome web browser was recently issued by the agency, which has been flagging security threats and risks related to the cybersecurity domain. These vulnerabilities could allow a remote attacker to execute arbitrary code and cause denial of service conditions on targeted systems. Amazon
%20(1).jpg)
%20(1).jpg)
.jpg)
%20(1).jpg&description=Govt ssues Warning For Some Samsung Phones, Advises Urgent Update){kind=link}