The government has issued heightened security advisories this week, specifically addressing users of Samsung Galaxy phones. The Indian Computer Emergency Response Team (CERT-In) has released a security alert outlining numerous vulnerabilities affecting millions of Samsung Galaxy phones, encompassing both older and newer models.
Dated December 13, the security alert categorizes the identified issues as high-risk, underlining the critical necessity for existing Samsung users to expeditiously update their phone’s operating system or firmware.
“Multiple vulnerabilities have been reported in Samsung products that could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system,” noted CERT in its vulnerability alert.
According to the report, the at-risk software includes Samsung Mobile Android versions 11, 12, 13, and 14.
These vulnerabilities serve as potential breaches in the device’s security defenses. If exploited by a cyber attacker, they could:
- Steal the phone’s secret code (SIM PIN).
- Issue loud commands to the phone (broadcast with elevated privilege).
- Peek into private AR Emoji files.
- Change the clock on the castle gate (Knox Guard lock).
- Snoop around the phone’s files (access arbitrary files).
- Steal important information (sensitive information).
- Control the phone like a puppet (execute arbitrary code).
- Take over the entire phone (compromise the targeted system).
Instructions for Samsung smartphone users:
Users of Samsung Galaxy phones are strongly advised to promptly update their device’s operating system (OS) and firmware, as indicated by the reports. Failure to do so may leave Samsung models vulnerable to potential threats from hackers. Neglecting system updates could provide hackers with an opportunity to bypass device security and gain unauthorized access to sensitive data. Samsung has released a fix for these threats, and users are urged to install it at their earliest convenience.