The U.S. Cybersecurity and Infrastructure Security Company (CISA) warned of active exploitation of a medium-severity flaw influencing Samsung devices.
The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung equipment working Android versions 11, 12, and 13.
The South Korean electronics giant described the issue as an data disclosure flaw that could be exploited by a privileged attacker to bypass tackle area layout randomization (ASLR) protections.
ASLR is a security system that is designed to thwart memory corruption and code execution flaws by obscuring the spot of an executable in a device’s memory.
Samsung, in an advisory introduced this month, claimed it was “notified that an exploit for this issue had existed in the wild,” adding it was privately disclosed to the enterprise on January 17, 2023.
Future WEBINARZero Have faith in + Deception: Learn How to Outsmart Attackers!
Discover how Deception can detect superior threats, cease lateral motion, and greatly enhance your Zero Have confidence in approach. Sign up for our insightful webinar!
Save My Seat!
Other specifics about how the flaw is staying exploited are presently not acknowledged, but vulnerabilities in Samsung phones have been weaponized by commercial spy ware vendors in the earlier to deploy destructive software package.
Again in August 2020, Google Job Zero also demonstrated a distant zero-simply click MMS attack that leveraged two buffer overwrite flaws in the Quram qmg library (SVE-2020-16747 and SVE-2020-17675) to defeat ASLR and reach code execution.
In light-weight of energetic abuse, CISA has added the shortcoming to its Recognized Exploited Vulnerabilities (KEV) catalog, together with two Cisco IOS flaws (CVE-2004-1464 and CVE-2016-6415), urging Federal Civilian Executive Department (FCEB) agencies to apply patches by June 9, 2023.
Final 7 days, CISA also added seven vulnerabilities to the KEV catalog, the oldest of which is a 13-calendar year-previous bug impacting Linux (CVE-2010-3904) that allows an unprivileged neighborhood attacker can escalate their privileges to root.
Observed this short article intriguing? Comply with us on Twitter and LinkedIn to read through extra special information we publish.
Some parts of this article are sourced from:
thehackernews.com