Security News > 2023 > July > CISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices
The U.S. Cybersecurity and Infrastructure Security Agency has placed a set of eight flaws to the Known Exploited Vulnerabilities catalog, based on evidence of active exploitation.
This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices.
The addition of the two D-Link vulnerabilities follows a report from Palo Alto Networks Unit 42 last month about threat actors associated with a Mirai botnet variant leveraging flaws in several IoT devices to propagate the malware in a series of attacks beginning in March 2023.
It's not immediately clear how the flaws in Samsung devices are being exploited in the wild.
It's worth noting that Google Project Zero disclosed a set of flaws in November 2022 that it said were weaponized as part of an exploit chain aimed at Samsung handsets.
In light of active exploitation, Federal Civilian Executive Branch agencies are required to apply necessary fixes by July 20, 2023, to secure their networks against potential threats.
News URL
https://thehackernews.com/2023/07/cisa-flags-8-actively-exploited-flaws.html