After flagging multiple security threats in iPhones over last several months, the Indian Computer Emergency Response Team (CERT-In) has now detected certain high-risk vulnerabilities in Samsung and Google Pixel phones, according to latest advisories issued by the government agency.The issue in Samsung phones pertain to Android versions 11,12,13, and 14, whereas for Google Pixel phones the security threat was detected in security patch levels prior to December 5, CERT-In said.The security risk notification flagged by CERT-In in the phones of these brands, may give any hacker bypass security restrictions and access to sensitive information of users, cyber security experts said.“Multiple vulnerabilities have been reported in Samsung products which could allow an attacker to bypass implemented security restrictions, access sensitive information, and execute arbitrary code on the targeted system,” the CERT-In advisory said.For Google Pixel too, CERT-In has said the, “multiple vulnerabilities could be exploited by a remote hacker to execute arbitrary code, gain elevated privileges, obtain sensitive information or cause denial of service condition on the targeted system”.The companies, however, have released the required updates for their phones and asked users to upgrade to latest software and security versions. CERT-In too has advised users to apply security updates as mentioned by the companies.According to Samsung’s website, the company as part of its monthly Security Maintenance Release (SMR) process, has issued the updates. “Please note that in some cases regular OS (operating system) upgrades may cause delays to planned security updates. However, users can be rest assured the OS upgrades will include up-to-date security patches when delivered,” the company said.“While we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models,” it added.Google, which owns Android, on its website said, “for Google devices, security patch levels of 2023-12-05 or later address all issues in this bulletin and all issues in the December 2023 Android Security Bulletin”.Lately, the government has increased its focus on analysing devices for any potential security threats after Apple’s recent alert notices about possibility of state-sponsored hacking, which was flagged by several opposition party leaders.From January to October this year, CERT-IN had detected and flagged 28 cases of vulnerabilities in Apple’s products. Meanwhile, CERT-In is currently investing the Apple’s threat notification case.
