CERT-In Issues High-Risk Warning for Samsung Users: Critical Security Update Needed

The Indian government has issued a high-risk alert for Samsung smartphone users, advising immediate action to address a severe vulnerability affecting popular Samsung models. Samsung, widely known for its vast smartphone range in India, frequently rolls out security updates to protect user data. However, a newly discovered vulnerability has raised urgent security concerns, prompting the Indian Computer Emergency Response Team (CERT-In) under the Ministry of Electronics and Information Technology to release an official warning.

Vulnerability Details Impacting Samsung Devices

CERT-In reports that a specific vulnerability in Samsung's mobile and wearable processors could allow attackers to execute arbitrary code and potentially escalate privileges on affected devices. The impacted processors include Exynos models 9820, 9825, 980, 990, 850, and W920, which are commonly found in a wide range of Samsung smartphones and wearables. This flaw arises from a "Use-After-Free" bug, which can be exploited to gain unauthorized access and control over the targeted device. The vulnerability, identified as CVE-2024-44068, is already being actively exploited in real-world situations. Without prompt updates, Samsung devices with these processors may remain at risk of malicious attacks.

Recommended Actions for Samsung Users

To safeguard their devices, CERT-In strongly advises Samsung users to check and install the latest security updates as provided in Samsung's official security advisories. These updates are designed to patch the vulnerability and protect against unauthorized access. By applying the recommended patches promptly, Samsung users can reduce the risk of attacks and protect their personal data. It's crucial for all Samsung users to remain vigilant about security updates, particularly in light of this active vulnerability, and regularly install any critical patches released by the company.