Samsung’s flagship smartphone series, the Galaxy S23, has got the Android 14 update, hence, it is also included in the list.
The cybersecurity agency details that multiple vulnerabilities have been reported in Samsung products and they could allow an attacker to bypass implemented security restrictions, giving them access to sensitive information. They may also execute arbitrary code to compromise the targeted system.
The bugs may also allow hackers to successfully trigger heap overflow and stack-based buffer overflow, access device SIM PIN, send broadcast with elevated privilege, read sandbox data of AR Emoji, bypass Knox Guard lock via changing system time.
Cause of vulnerabilities
Cert-In says that the vulnerabilities exist due to “improper access control flaw in KnoxCustomManagerService and SmartManagerCN component, integer overflow vulnerability in facepreprocessing library; improper authorization verification vulnerability in AR Emoji, improper exception management vulnerability in Knox Guard, various out of bounds write vulnerabilities in bootloader, HDCP in HAL, libIfaaca and libsavsac.so components, improper size check vulnerability in softsimd, improper input validation vulnerability in Smart Clip and implicit intent hijacking vulnerability in contacts.”
How to protect
Users of Samsung smartphones are advised to install security updates as soon as possible. For future, users must patch their phones with security updates that are released by vendors periodically. In such cases, the companies are quick to issue patches to plug vulnerabilities.
Furthermore, if you haven’t patched your phone’s software, exercise caution when installing apps, clicking on links and visiting unknown websites.
Government has 'warning' for Galaxy S23, other Samsung smartphone users - Times of India
Read More
No comments:
Post a Comment