Samsung has warned its users about critical security vulnerabilities that affect several Galaxy and Note devices. Out of all the 21 vulnerabilities, three of them are rated as ‘high’. There are 17 vulnerabilities related to Samsung One UI and four of them related to Android.
Last week, Google had discovered zero-day vulnerabilities in its Android kernel code that affected several Android devices. Google has already started rolling out updates to its devices from 8 October. The newly reported vulnerability by Forbes affects the Samsung Galaxy S8, S9, S10, S10e, S10 Plus, S10 5G, Note 9, Note 10 and Note 10 Plus.
Samsung has sent out updates to Galaxy devices under its Security Maintenance Release (SMR). This update includes the patches from Google as well. The SMR update states that the patch improves protection against potential IMEI manipulation. On account of a device being stolen, criminals will be able to take advantage of this vulnerability to bypass the IMEI blacklist to resell the stolen device.
It is highly recommended to download the latest updates if you’re a user of any of the above-mentioned devices. Since the vulnerability is already known to the public, it won’t take much time for attackers to get cracking.