Tag: High-Risk Vulnerabilities

  • Indian Government Warns of High-Risk Vulnerabilities in Samsung Galaxy Phones in India

    Indian CERT-In Releases Severe Risk Advisory for Samsung Mobile Device Users

    Impacted Samsung Devices

    • Operating systems affected: Android 11, 12, 13, and 14
    • Devices at risk: Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5

    Noted Vulnerabilities Discovered

    • Inadequate access control within Knox features
    • Flaw involving integer overflow in facial recognition software
    • Authorization concerns with the AR Emoji application
    • Mishandling of errors in Knox security software
    • Multiple vulnerabilities related to memory corruption across various system components
    • Errors in data size verification within the softsimd library
    • Unvalidated user input in the Smart Clip app
    • Potential hijacking of specific app interactions in contacts

    Possible Repercussions

    • Unauthorized access leading to data theft
    • Device takeover through phone hijacking
    • Malware installation risks
    • Heap overflow and stack-based buffer overflow conditions
    • Unauthorized access to device SIM PIN information
    • Ability to send broadcasts with elevated privileges
    • Potential access to AR Emoji sandbox data
    • Circumvention of Knox Guard lock security measures
    • Unauthorized access to arbitrary files
    • Execution of arbitrary code on the device
    • Compromise of the targeted system’s security

    Recommended Preventive Measures

    • Ensure installation of the most recent Samsung security patches
    • Install security updates promptly
    • Exercise vigilance while installing applications, clicking on links, and navigating unknown websites