The Indian government urgently asked Samsung smartphone users to update their devices due to security vulnerabilities.
By infosecbulletin
/ Wednesday , September 18 2024
Google has released Chrome 129 for Windows, Mac, and Linux users. The update will be available gradually over the next...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Broadcom has fixed a serious VMware vCenter Server vulnerability that allows attackers to execute remote code on unpatched servers through...
Read More
By infosecbulletin
/ Wednesday , September 18 2024
Ransomware groups like BianLian and Rhysida use Microsoft's Azure Storage Explorer and AzCopy to steal data from hacked networks and...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
Apple has released iOS 18, the latest update for iPhones and iPads. Along with new features, it mainly focuses on...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
CISA has warned Microsoft Windows MSHTML Platform Spoofing Vulnerability and Progress WhatsUp Gold SQL Injection Vulnerability actively exploited security flaws,...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
Cybersecurity researcher Jeremiah Fowler found a non-password-protected database with 780,000 records from FleetPanda, a tech provider for dispatch management. The...
Read More
By infosecbulletin
/ Tuesday , September 17 2024
A recent dark web scan revealed that customer data from Dhaka Electric Supply Company Limited (DESCO) has been exposed. The...
Read More
By infosecbulletin
/ Monday , September 16 2024
Tenable Research found and fixed a remote code execution (RCE) vulnerability, called CloudImposer, in Google Cloud Platform (GCP). This flaw...
Read More
By infosecbulletin
/ Sunday , September 15 2024
In this article, we won’t dive too deep into the technical aspects of Capture The Flag (CTF) competitions. Instead, we...
Read More
By infosecbulletin
/ Sunday , September 15 2024
A recent Bitdefender report reveals that Medusa is still actively attacking and has created a notable presence on both the...
Read More
CERT-In issued a warning about a threat to certain Samsung devices running on Android versions 11, 12, 13, and 14. These vulnerabilities could be exploited to gain unauthorized access to sensitive data on these devices.
CERT-In has categorized the risk as high. Attackers may use these vulnerabilities to bypass security measures, access confidential information, and run unauthorized code on targeted systems. The vulnerabilities could pose a threat to different parts of the Samsung ecosystem.
ALSO READ:
Samsung Smartphone Users at Risk of Hacking, Update Now to Protect Yourself
Detailed Analysis and Potential Consequences:
The government’s cybersecurity team found several problems. These include issues with access control in Knox features, flaws in facial recognition software, concerns with the AR Emoji app, errors in Knox security software, and vulnerabilities in different system components. The vulnerabilities also affect the softsimd library, the Smart Clip app, and contacts app. These vulnerabilities include incorrect data size verification, unvalidated user input, and hijacking of specific app interactions.
Samsung phones with Android versions 11, 12, 13, and 14 are at risk, including models like Samsung Galaxy S23 series, Galaxy Z Flip 5, and Galaxy Z Fold 5.
To reduce the dangers of these vulnerabilities, users are strongly advised to take the following measures:
1. Install security updates quickly.
2. Update your apps regularly.
3. Be careful when installing apps.
4. Be cautious when clicking on links.
This advisory is to protect Samsung users from security threats. It stresses the need for proactive measures to secure their devices.