Apple Users Have Been Warned After Samsung about Critical Risk

By Consultants Review Team Saturday, 16 December 2023

On Friday, the Computer Emergency Response Team of India (CERT-In) announced that multiple vulnerabilities in Apple products had been discovered. These flaws represent substantial risks because they could allow attackers to exploit sensitive information, execute arbitrary code, circumvent security constraints, and trigger denial of service (DoS) circumstances, among other things.

This security alert comes just 48 hours after a cautionary letter was issued to Samsung consumers, exposing severe security problems affecting devices running Android versions 11, 12, 13, and 14. Notably, Samsung's flagship smartphone, the Galaxy S23, is included in this alert due to its use of the Android 14 upgrade.

According to a Friday alert released by the Computer Emergency Response Team (CERT-in), the detected vulnerabilities affect a variety of Apple devices, including iOS, Apple watchOS, iPadOS, and versions of Apple Safari before 17.2. The severity level assigned by CERT-In to these goods is 'high,' indicating potential risks such as authentication bypass, elevation of privileges, and the capacity to execute "performing spoofing attacks on the targeted system." Previously, Mint reported that the CERT-In alert targeted security flaws discovered in Samsung devices running Android versions 11, 12, 13, and 14.

Exploiting these vulnerabilities in Samsung smartphones may result in unauthorized access to sensitive data saved on the vulnerable devices. Users must immediately upgrade their Samsung handsets to mitigate this security vulnerability.

The risk was rated as high by CERT-In, emphasizing the prospect of attackers using these vulnerabilities to circumvent security mechanisms, get access to confidential information, and execute unauthorized code on targeted computers. The identified vulnerabilities pose a risk to numerous components of the Samsung ecosystem.

The thorough examination undertaken by the government's cybersecurity experts reveals many possible concerns. Inadequate access control in Knox features, integer overflow vulnerabilities in face recognition software, authorization concerns with the AR Emoji app, error handling in Knox security software, and many memory corruption vulnerabilities in various system components are among them.


Current Issue