Indian Government Urges Immediate Update for Samsung Galaxy S23 and Other Users Due to High-Risk Warning

The Indian government has issued a high-risk warning to Samsung mobile phone users regarding several vulnerabilities. These vulnerabilities present significant threats, and users are strongly advised to implement protective measures.

In summary:

• The vulnerabilities impact Samsung Mobile Android versions 11, 12, 13, and 14.
• Exploiting these vulnerabilities could potentially grant hackers access to users’ sensitive information.
• Users are strongly advised to promptly apply any available security updates to safeguard their devices.

The Indian government has issued a high-risk warning to Samsung mobile phone users regarding several vulnerabilities. These vulnerabilities present significant threats, and users are strongly advised to implement protective measures. The Indian Computer Emergency Response Team (CERT-In) has raised a high-risk warning for users of Samsung Galaxy Phones, highlighting multiple vulnerabilities. The recently identified vulnerabilities impact various Samsung devices, including the Galaxy S23 series, Galaxy Flip 5, and Galaxy Fold. These vulnerabilities affect Samsung Mobile Android versions 11, 12, 13, and 14, posing a significant risk to the security of these devices.

The vulnerabilities identified by CERT-In in Samsung products are attributed to the following issues:

1. Improper access control in Knox features.
2. Integer overflow flaw in facial recognition software.
3. Authorization issues with the AR Emoji app.
4. Incorrect handling of errors in Knox security software.
5. Multiple memory corruption vulnerabilities in various system components.
6. Incorrect data size verification in the softsimd library.
7. Unvalidated user input in the Smart Clip app.
8. Hijacking of certain app interactions in contacts.

Risks associated with the exploitation of these vulnerabilities include potential outcomes such as triggering heap overflow and stack-based buffer overflow, accessing device SIM PIN, broadcasting with elevated privilege, reading sandbox data of AR Emoji, bypassing Knox Guard lock via changing system time, accessing arbitrary files, gaining access to sensitive information, executing arbitrary code, and compromising the targeted system.

Vulnerable devices include a wide range of Samsung devices, particularly those running Android versions 11, 12, 13, and 14. This encompasses devices such as the Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5, and other Samsung devices.

To protect against these risks, users are strongly advised to:

1. Apply Security Updates: Promptly install security updates provided by Samsung through their official security advisory. Regularly check for updates to ensure the latest security patches are applied.
2. Exercise Caution: Until the update is applied, use the affected devices cautiously, especially when interacting with untrusted sources or unknown applications.
3. Keep Apps Up to Date: Ensure that all apps are updated regularly from trusted sources like the Google Play Store.
4. Be Selective with App Installations: Only install apps from reliable sources, such as the Google Play Store, and avoid downloading apps from third-party websites.
5. Exercise Caution with Links: Avoid clicking on links in emails or messages from unknown senders, as these could lead to phishing websites designed to steal personal information.