The government's cybersecurity agency, the Computer Emergency Response Team, is sounding an alarm for Samsung phone users, particularly those using Android versions 11, 12, 13, and 14, including the recently updated Galaxy S23 under the notice CIVN-2023-0360.
These Samsung products have been discovered to hold various vulnerabilities, potentially enabling cyber attackers to override security barriers, gain access to sensitive data, and perform arbitrary code execution. The potential for a heap surge attack is also highlighted, along with the ability to unlock the device's SIM PIN among other security risks.
Concerns exist due to flaws in KnoxCustomManagerService, SmartManagerCN component, facepreprocessing library, AR Emoji, Knox Guard and other areas that provide possibilities for unauthorized access and the potential breach of system protections. These vulnerabilities permit hackers full control over the target device, inclusive of triggering stack-based buffer overflow and manipulating the system's time setting to bypass the Knox Guard Lock.
CERT-in attributes these vulnerabilities to an array of complications such as improper access controls, flawed exception management, integer overflow, and other misguided authorization checks which permit opportunities for foul play across various sections of the device software.
The cybersecurity watchdog is hence advising users of these affected Samsung Smartphones to be proactive in installing security patches, keeping their software updated and periodically monitoring for vendor-released updates.
Users are also strongly urged to exercise caution while installing apps, clicking links, and navigating unfamiliar websites, especially if the phone's software is not patched with latest updates.
Apart from installing these security updates and patching the software, Samsung smartphone users must be diligent about ongoing security practices, including mindful exploration of financial information and not storing sensitive data on their devices.