The Indian government’s Computer Emergency Response Team (CERT-In) has issued a high-risk warning, known as CERT-In Vulnerability Note for Samsung Mobile users. The warning points out critical security issues affecting Samsung Mobile Android versions 11, 12, 13, and 14, as per a CNBC TV18 report.
Attackers could take advantage of these vulnerabilities and bypass security restrictions, access sensitive information, and execute arbitrary code on targeted systems. They stem from various issues such as improper access control in Knox features, an integer overflow flaw in facial recognition software, authorisation issues with the AR Emoji app, and more.
These vulnerabilities could lead to severe consequences, including triggering heap overflow and stack-based buffer overflow, accessing the device SIM PIN, sending a broadcast with elevated privilege, reading sandbox data of AR Emoji, bypassing Knox Guard lock via changing system time, accessing arbitrary files, gaining access to sensitive information, executing arbitrary code, and compromising the targeted system.
The vulnerabilities affect a wide range of Samsung devices, including the Galaxy S23 series, Galaxy Flip 5, Galaxy Fold 5, and other Samsung devices running Android versions 11, 12, 13, and 14.