Recently, the Indian government’s cybersecurity watchdog, CERT-In, warned Samsung users of a security issue found on their smartphones. The warning, named Note CIVN-2023-0360, highlights critical security issues that affect phones using Android versions 11, 12, 13, and 14, including Samsung’s latest flagship model, the Galaxy S23, with the Android 14 update.
According to CERT-In, these vulnerabilities could allow attackers to bypass security rules, access sensitive data, execute arbitrary code, trigger a heap overflow, read sandbox data, bypass Knox Guard lock, and compromise the system. The vulnerabilities exist due to various flaws in Samsung’s software components, such as KnoxCustomManagerService, SmartManagerCN, facepreprocessing library, AR Emoji, Knox Guard, bootloader, HDCP in HAL, libIfaaca, libsavsac.so, softsimd, Smart Clip, and contacts.
CERT-In advises users of Samsung Galaxy phones to update their device’s operating system and firmware to its latest available updates, and Samsung has released a fix for these threats. Meanwhile, users are also advised to be cautious while downloading apps, clicking on links, and visiting unknown websites, as failure to do so could make Samsung models vulnerable to potential threats from hackers.
This warning from the Indian government’s cybersecurity watchdog, CERT-In, is a significant concern for Samsung, one of India’s leading smartphone brands. Samsung faces tough competition from Chinese rivals such as Xiaomi, Vivo, and Oppo and domestic players like Micromax and Lava. Samsung released its Galaxy S23 series in October 2023, expecting to increase its market share and revenue. However, because of these security issues, it may negatively impact sales and the brand’s reputation.