Security News > 2023 > May > Warning: Samsung Devices Under Attack! New Security Flaw Exposed
The U.S. Cybersecurity and Infrastructure Security Agency warned of active exploitation of a medium-severity flaw affecting Samsung devices.
The issue, tracked as CVE-2023-21492, impacts select Samsung devices running Android versions 11, 12, and 13.
The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a privileged attacker to bypass address space layout randomization protections.
Other details about how the flaw is being exploited are currently not known, but vulnerabilities in Samsung phones have been weaponized by commercial spyware vendors in the past to deploy malicious software.
Back in August 2020, Google Project Zero also demonstrated a remote zero-click MMS attack that leveraged two buffer overwrite flaws in the Quram qmg library to defeat ASLR and achieve code execution.
In light of active abuse, CISA has added the shortcoming to its Known Exploited Vulnerabilities catalog, alongside two Cisco IOS flaws, urging Federal Civilian Executive Branch agencies to apply patches by June 9, 2023.
News URL
https://thehackernews.com/2023/05/samsung-devices-under-active.html
Related news
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks (source)
- Samsung phone users under attack, Google warns (source)
- Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-04 | CVE-2023-21492 | Information Exposure Through Log Files vulnerability in Samsung Android 11.0/12.0/13.0 Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | 4.4 |