shot-button
Ganesh Chaturthi Ganesh Chaturthi
Home > News > India News > Article > Govt issues warning for Samsung Galaxy phone users advises urgent update

Govt issues warning for Samsung Galaxy phone users, advises urgent update

Updated on: 16 December,2023 02:24 PM IST  |  New Delhi
mid-day online correspondent |

The Centre’s nodal agency for cyber security, Indian Computer Emergency Response Team (Cert-In), has issued a high-risk warning for Samsung smartphones

Govt issues warning for Samsung Galaxy phone users, advises urgent update

Representational Image

The Centre has issued a new advisory for all the Samsung Galaxy mobile phone users. The Union government has asked them to immediately update their phones to protect themselves from cyber attacks and hacking.


The Centre’s nodal agency for cyber security, Indian Computer Emergency Response Team (Cert-In), has issued a high-risk warning for Samsung smartphones.


The Indian Computer Emergency Response Team (CERT-In) has issued the high-risk security advisory on December 13, highlighting several security impacts on millions of Samsung Galaxy phones, with both newer and older models.


The category of concern for Samsung phones is "high-risk", according to the advisory, and owners of these phones need to update their firmware of OS at the earliest.

CERT-In classified the vulnerabilities as high-risk and stressed the urgent need for Samsung users to upgrade their phones' operating systems. Samsung Mobile Android versions 11, 12, 13, and 14 are vulnerable to such attacks, the report said. 

"Multiple vulnerabilities have been reported in Samsung products that could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system," CERT-In said.

"These vulnerabilities exist due to improper access control flaw in Knox Custom Manager Service and Smart Manager CN component, integer overflow vulnerability in face preprocessing library; improper authorisation verification vulnerability in AR emoji, improper exception management vulnerability in Knox Guard, various out of bounds write vulnerabilities in bootloader, HDCP in HAL, libIfaaCa and libsavsac.so components, improper size check vulnerability in softsimd, improper input validation vulnerability in Smart-Clip and implicit intent hijacking vulnerability in contacts," read the detailed statement.

The exploitation of these vulnerabilities may allow an attacker to trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR Emoji, bypass Knox Guard lock via changing system time, access arbitrary files, gain access to sensitive information, execute arbitrary code and compromise the targeted system, the agency said.

Meanwhile, Samsung Mobile has announced the rollout of a maintenance release as part of its December 2023 security update.

“Samsung Mobile is releasing a maintenance release for major flagship models as part of the monthly Security Maintenance Release (SMR) process. This SMR package includes patches from Google and Samsung,” said the South Korean smartphone major on its website.

(With inputs from Agencies)

"Exciting news! Mid-day is now on WhatsApp Channels Subscribe today by clicking the link and stay updated with the latest news!" Click here!

Register for FREE
to continue reading !

This is not a paywall.
However, your registration helps us understand your preferences better and enables us to provide insightful and credible journalism for all our readers.

Mid-Day Web Stories

Mid-Day Web Stories

This website uses cookie or similar technologies, to enhance your browsing experience and provide personalised recommendations. By continuing to use our website, you agree to our Privacy Policy and Cookie Policy. OK