Official forum for Utopia Community


#1 2023-05-21 21:19:00

Registered: 2023-01-04
Posts: 676

Samsung devices are under attack, beware! New Security Hole Found

A medium-severity flaw affecting Samsung devices has been actively exploited, according to the US Cybersecurity and Infrastructure Security Agency (CISA).

Selected Samsung devices running Android versions 11, 12, and 13 are affected by the problem, which is logged as CVE-2023-21492 (CVSS score: 4.4).

A privileged attacker could use the problem, which was described by the South Korean electronics behemoth as an information disclosure flaw, to get around address space layout randomization (ASLR) security measures.

By hiding an executable's location in a device's memory, the ASLR security technique aims to thwart memory corruption and code execution flaws.

In a security alert published this month, Samsung stated that it was "notified that an exploit for this issue had existed in the wild," adding that the information was given to the business on January 17, 2023.

Other information about how the flaw is being used is currently unknown, but commercial spyware vendors have in the past used vulnerabilities in Samsung phones as a weapon to spread malicious software.

A remote zero-click MMS attack was also demonstrated by Google Project Zero in August 2020. It used two buffer overwrite flaws in the Quram qmg library (SVE-2020-16747 and SVE-2020-17675) to bypass ASLR and execute code.

Due to ongoing abuse, CISA has added the flaw to its list of "Known Exploited Vulnerabilities" (KEV) along with two Cisco IOS security holes (CVE-2004-1464 and CVE-2016-6415), advising Federal Civilian Executive Branch (FCEB) organizations to patch their systems by June 9, 2023.

Last week, CISA also added seven vulnerabilities to the KEV database, the oldest of which is a 13-year-old Linux bug (CVE-2010-3904) that enables a local attacker with no privileges to gain root access.

