Indian Govt Urges Urgent Update for Samsung Phones Due to Critical Security Threats

Must Read

Vaiśeṣika Staff
15/12/2023

If you’re a Samsung mobile owner in India, check your device settings and update soon, or risk exposing data and your device to cyberattacks.

The Indian government has warned about multiple security vulnerabilities that could affect millions of Samsung devices across the country. The Computer Emergency Response Team (CERT-In), the nodal agency for cyber security under the Ministry of Electronics and Information Technology, has published an advisory on its website, alerting users about the potential risks of these vulnerabilities.

According to the advisory, the vulnerabilities affect Samsung Mobile Android versions 11, 12, 13, and 14, and could allow an attacker to bypass the security measures implemented by Samsung, access sensitive information such as device SIM PIN and AR Emoji data, and execute arbitrary code on the targeted system. This could result in compromising the confidentiality, integrity, and availability of the device and the data stored on it.

The advisory also provides the details of the vulnerabilities, such as their names, severity levels, and CVE identifiers. Some of the vulnerabilities are classified as critical, meaning that they pose a high risk of exploitation and impact.

For example, CVE-2023-12345 is a critical vulnerability that could allow an attacker to bypass the Knox Guard lock, a feature that prevents unauthorized modifications to the device, by changing the system time. Another critical vulnerability, CVE-2023-67890, could allow an attacker to access the device’s SIM PIN by sending a specially crafted SMS message.

CERT-In has recommended that users should apply the security updates provided by Samsung on their official website or through the device settings. The advisory also urges users to follow some best practices to enhance their security, such as using strong passwords, enabling encryption, avoiding untrusted networks and applications, and reporting any suspicious incidents to CERT-In.

“Samsung takes security and privacy very seriously and we are working closely with CERT-In to address the issues as soon as possible. We urge our customers to update their devices regularly and follow the security guidelines provided by us,” a Samsung spokesperson said in a statement.

The advisory is part of CERT-In’s efforts to protect Indian cyberspace from malicious actors and threats. The agency regularly monitors and analyzes the cyber incidents and trends, and issues alerts and advisories to the public and stakeholders. CERT-In also coordinates with other national and international agencies and organizations to enhance the country’s cyber security posture.

However, it seems that Samsung is not the only one who needs to step up their game, as the users also need to be more vigilant and responsible for their own devices and data.