New Delhi: Samsung mobile devices running Android versions 11, 12, 13, and 14 have critical security issues. The Indian government’s Computer Emergency Response Team (CERT-In) has issued a high-risk warning, CERT-In Vulnerability Note CIVN-2023-0360, for Samsung Mobile users.
These vulnerabilities could allow attackers to bypass security restrictions, access sensitive information, and execute arbitrary code on targeted systems. They stem from various issues such as improper access control in Knox features, an integer overflow flaw in facial recognition software, authorisation issues with the AR Emoji app, and more.
If successfully exploited, these vulnerabilities could lead to severe consequences, including triggering heap overflows and stack-based buffer overflows, accessing the device SIM PIN, sending a broadcast with elevated privilege, reading sandbox data of AR Emoji, bypassing the Knox Guard lock by changing the system time, accessing arbitrary files, gaining access to sensitive information, executing arbitrary code, and compromising the targeted system.
The vulnerabilities affect a wide range of Samsung devices, including the Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5, and other Samsung devices running Android versions 11, 12, 13, and 14, according to a CNBC report.