Warning to samsung users

vivek1989 · ‎12-15-2023

The government’s cybersecurity watchdog Computer Emergency Response Team (CERT-in) has a warning for users who are using Samsung smartphones. It issued a high-risk warning for users regarding multiple vulnerabilities, with Note CIVN-2023-0360, highlighting critical security issues in phones running Android versions 11, 12, 13 and 14.

Samsung’s flagship smartphone series, the Galaxy S23, has got the Android 14 update, hence, it is also included in this list.

The cybersecurity agency details that multiple vulnerabilities have been reported in Samsung products and they could allow an attacker to bypass implemented security restrictions, giving them access to sensitive information. They may also execute arbitrary code to compromise the targeted system.

The bugs may also allow hackers to successfully trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR Emoji, bypass Knox Guard lock via changing system time.

Cert-In says that the vulnerabilities exist due to “improper access control flaw in KnoxCustomManagerService and SmartManagerCN component, integer overflow vulnerability in facepreprocessing library; improper authorization verification vulnerability in AR Emoji, improper exception management vulnerability in Knox Guard, various out of bounds write vulnerabilities in bootloader, HDCP in HAL, libIfaaca and libsavsac.so components, improper size check vulnerability in softsimd, improper input validation vulnerability in Smart Clip and implicit intent hijacking vulnerability in contacts.”

Users of Samsung smartphones are advised to install security updates as soon as possible. For future, users must patch their phones with security updates that are released by vendors periodically. In such cases, the companies are quick to issue patches to plug vulnerabilities.

Furthermore, if you haven’t patched your phone’s software, exercise caution when installing apps, clicking on links and visiting unknown websites.

Anand_Avn · ‎12-15-2023

As I researched on it I found it's ture on Indian official website ( https://cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0360) and Samsung's too( https://security.samsungmobile.com/securityUpdate.smsb). After that I connect to samsung customer they said it's a False information, now I send email to samsung service head and waiting for reply

vivek1989 · ‎12-15-2023

But bro this statmenyt has come from government's cyber watch dog'Computer Emergency Response Team'
That is CERT-IN
WE CANNOT DENTY IT THAT IT IS TRUE

Anand_Avn · ‎12-15-2023

Yeah, but when u try to aks customer representative about this concern they will say u it's a False news.
Look at this.

vivek1989 · ‎12-15-2023

But its from govt. Of india.
How can they say **bleep** really ?
Those half baked baboons r really pathetic

Anand_Avn · ‎12-15-2023

U won Mr. Vivek 1989 👏 for u.

vivek1989 · ‎12-15-2023

Man how can they bleep the word 'F a k e'
Kya yejh word gali hai ?

Anand_Avn · ‎12-15-2023

Idk when I use this word in comment section it auto converted to bleep word

vivek1989 · ‎12-15-2023

They consider this word as a gali shabd

Samsung_o06W4jM · ‎12-19-2023

Did u get the reply?

Original topic:

Warning to samsung users