Samsung Galaxy S23, S22 and more at risk, Indian authority issues warning

Samsung is rolling out the December 2023 Android + One UI security patches to Galaxy devices. Meanwhile, the Indian authority issued a warning for Samsung Galaxy devices running Android versions 11, 12, 13, and 14. Devices running any of those OS versions are at risk due to high-risk vulnerability.

CNBC reports that India’s CERT-In has issued a high-risk warning, known as CERT-In Vulnerability Note CIVN-2023-0360, for Samsung Mobile users. The warning points out critical security issues affecting Galaxy devices on Android versions 11, 12, 13, and 14.

Follow our socials → Google News | Telegram | X/Twitter | Facebook | WhatsApp

The report says that these vulnerabilities could allow attackers to bypass security restrictions, access sensitive information, and execute arbitrary code. In particular, the flaws arise from various issues such as improper access control in Knox authorization issues with the AR Emoji app, and more.

If exploited, the vulnerabilities could lead to triggering heap overflow and stack-based buffer overflow, accessing the device SIM PIN, sending a broadcast with elevated privilege, reading sandbox data of AR Emoji, bypassing Knox Guard lock, and more.

Hopefully, Samsung’s next security patch will address these vulnerabilities.