Centre Issues High-Risk Security Alert For Samsung Mobile Phones (Image: Pixabay)

The Computer Emergency Response Team of India (CERT-In) has issued a security warning for some Samsung mobile phones. CERT-In, the central government”s nodal agency to deal with cyber security, has identified multiple vulnerabilities in Samsung Galaxy phones that pose significant threats. The CERT-In warning highlighted security issues in Samsung Mobile Android versions 11, 12, 13, and 14.

As per the warning, labelled CERT-In Vulnerability Note CIVN-2023-0360, the identified vulnerabilities could allow an attacker to bypass implemented security restrictions. With this, the attacker may also access sensitive information and execute arbitrary code on the targeted system. CERT-In said in the advisory issued on December 13 that Samsung phones have security problems due to various factors, including improper access control flaws in Knox features, authorisation problems in the AR Emoji app, and issues in the facial recognition software.

CERT-In warned that attackers may exploit the latest vulnerabilities to access the device SIM PIN, bypass Knox Guard lock via changing system time, and read the sandbox data of AR Emoji. Notably, the Samsung devices that are at risk due to these vulnerabilities include the Galaxy S23 series, the Galaxy Z Flip5 and the Galaxy Z Fold5. The government-owned agency asked the affected Samsung users to apply the appropriate security updates as mentioned by the manufacturer in its advisory.

CERT-In is operating under the Ministry of Electronics and Information Technology. The main objective of the agency, which has been functioning since January 2004, is to secure India”s cyberspace. Recently, CERT-In has flagged multiple vulnerabilities in Google Chrome for desktop and Microsoft Edge (Chromium-based).