Original topic:

Warning to samsung users

(Topic created on: 12-15-2023 06:15 PM)
4536 Views
vivek1989
Expert Level 5
Options
Tech Talk
The government’s cybersecurity watchdog Computer Emergency Response Team (CERT-in) has a warning for users who are using Samsung smartphones. It issued a high-risk warning for users regarding multiple vulnerabilities, with Note CIVN-2023-0360, highlighting critical security issues in phones running Android versions 11, 12, 13 and 14.

 
Samsung’s flagship smartphone series, the Galaxy S23, has got the Android 14 update, hence, it is also included in this list.

The cybersecurity agency details that multiple vulnerabilities have been reported in Samsung products and they could allow an attacker to bypass implemented security restrictions, giving them access to sensitive information. They may also execute arbitrary code to compromise the targeted system.

 
The bugs may also allow hackers to successfully trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR Emoji, bypass Knox Guard lock via changing system time.

 Cert-In says that the vulnerabilities exist due to “improper access control flaw in KnoxCustomManagerService and SmartManagerCN component, integer overflow vulnerability in facepreprocessing library; improper authorization verification vulnerability in AR Emoji, improper exception management vulnerability in Knox Guard, various out of bounds write vulnerabilities in bootloader, HDCP in HAL, libIfaaca and libsavsac.so components, improper size check vulnerability in softsimd, improper input validation vulnerability in Smart Clip and implicit intent hijacking vulnerability in contacts.”

Users of Samsung smartphones are advised to install security updates as soon as possible. For future, users must patch their phones with security updates that are released by vendors periodically. In such cases, the companies are quick to issue patches to plug vulnerabilities.

 
Furthermore, if you haven’t patched your phone’s software, exercise caution when installing apps, clicking on links and visiting unknown websites.
 

18 Comments
Anand_Avn
Active Level 10
Tech Talk
As I researched on it I found it's ture on Indian official website ( https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0360) and Samsung's too( https://security.samsungmobile.com/securityUpdate.smsb). After that I connect to samsung customer they said it's a False information, now I send email to samsung service head and waiting for reply1702642897021.jpg1702642897094.jpg1702642897144.jpg
0 Likes
vivek1989
Expert Level 5
Tech Talk
But bro this statmenyt has come from government's cyber watch dog'Computer Emergency Response Team'
That is CERT-IN
WE CANNOT DENTY IT THAT IT IS TRUE
0 Likes
Anand_Avn
Active Level 10
Tech Talk
Yeah, but when u try to aks customer representative about this concern they will say u it's a False news.
Look at this.1702643643207.jpg
0 Likes
vivek1989
Expert Level 5
Tech Talk
But its from govt. Of india.
How can they say **bleep** really ?
Those half baked baboons r really pathetic
0 Likes
Anand_Avn
Active Level 10
Tech Talk
U won Mr. Vivek 1989 👏 for u.
0 Likes
vivek1989
Expert Level 5
Tech Talk
Man how can they bleep the word 'F a k e'
Kya yejh word gali hai ?
0 Likes
Anand_Avn
Active Level 10
Tech Talk
Idk when I use this word in comment section it auto converted to bleep word
0 Likes
vivek1989
Expert Level 5
Tech Talk
They consider this word as a gali shabd
0 Likes
Samsung_o06W4jM
Beginner Level 2
Tech Talk

Did u get the reply?

0 Likes