CISA warns of Samsung ASLR bypass flaw exploited in attacks

CISA warned today that a security vulnerability affecting Samsung devices has been used in attacks to bypass Android address space layout randomization (ASLR) protection.
The flaw exposes kernel pointers in log files, information that local attackers with high privileges can use to conduct an ASLR bypass, which could enable the exploitation of memory-management issues.
While Samsung didn't provide details about CVE-2023-21492 exploitation, such security vulnerabilities are often abused as part of complex exploit chains in highly-targeted attacks.
In March, Google's Threat Analysis Group and Amnesty International exposed two recent series of attacks employing exploit chains of Android, iOS, and Chrome flaws to install commercial spyware, with one of the campaigns targeting Samsung users in the United Arab Emirates.
U.S. Federal Civilian Executive Branch Agencies have been given a three-week deadline, until June 9, to secure their Samsung Android devices against attacks exploiting CVE-2023-21492 after CISA added the vulnerability on Friday to its catalog of Known Exploited Vulnerabilities.
While primarily aimed at U.S. federal agencies, it is strongly recommended that private companies also prioritize addressing vulnerabilities listed in the cybersecurity agency's list of bugs exploited in attacks.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-05-04 | CVE-2023-21492 | Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0/13.0. Kernel pointers are printed in the log file prior to SMR May-2023 Release 1, which allows a privileged local attacker to bypass ASLR. | 4.4 |
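
The flaw class in the table above is kernel pointers written to log files. The following added example (not code from Samsung, CISA, or the article) shows how a defender can audit captured kernel log lines for raw kernel addresses and mask them before a log is shared. It assumes a 64-bit arm64 address layout; the sample lines and driver names are constructed and hypothetical.

```python
import re

# Assumption: 64-bit (arm64) kernel, whose virtual addresses occupy the top of
# the address space and therefore print as 16 hex digits beginning with "ffff".
KPTR_RE = re.compile(r"\b(?:0x)?(ffff[0-9a-f]{12})\b", re.IGNORECASE)
# The top 4095 values are negative errno codes (ERR_PTR range), not addresses.
ERRNO_FLOOR = 0xFFFFFFFFFFFFF001

def leaked_pointers(line):
    """Return raw kernel-range pointer values printed in one log line."""
    hits = []
    for m in KPTR_RE.finditer(line):
        if int(m.group(1), 16) < ERRNO_FLOOR:
            hits.append(m.group(1).lower())
    return hits

def audit(lines):
    """Map 1-based line number -> leaked pointers, for lines that leak."""
    report = {}
    for n, line in enumerate(lines, 1):
        found = leaked_pointers(line)
        if found:
            report[n] = found
    return report

def redact(line):
    """Mask kernel-range pointers so a log can be shared or archived."""
    def mask(m):
        return "<kptr>" if int(m.group(1), 16) < ERRNO_FLOOR else m.group(0)
    return KPTR_RE.sub(mask, line)

# Constructed sample lines; the driver names are hypothetical.
SAMPLE = [
    "[   12.301122] example_drv: probe ok, ctx=ffffff8012a4c000",
    "[   12.301190] example_drv: ctx=00000000a1b2c3d4",  # hashed %p output
    "[   12.301201] example_drv: ctx=0000000000000000",  # restricted %pK output
    "[   12.305533] other_drv: ioctl failed ret=ffffffffffffffea",  # -EINVAL
    "[   12.310045] other_drv: map 0xFFFFFFC010203040 len=4096",
]

if __name__ == "__main__":
    for n, ptrs in audit(SAMPLE).items():
        print(f"line {n}: raw kernel pointer(s) {ptrs}")
        print("  redacted:", redact(SAMPLE[n - 1]))
```

Hashed `%p` values and zeroed `%pK` values fall outside the kernel address range and are not flagged, so a hit points at a format string that prints the raw address.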