June 7, 2023

The U.S. CISA has warned of active exploitation of a medium severity flaw affecting Samsung devices.

The security bug tracked as CVE-2023-21492 with a CVSS score of 4.4, impacts select Samsung devices running Android versions 11, 12, and 13.

The issue is described as an information disclosure flaw that could be exploited by a privileged attacker to bypass address space layout randomization protections.

Advertisements

ASLR is a security technique that’s designed to thwart memory corruption and code execution flaws by obscuring the location of an executable in a device’s memory.

Samsung advisory, notified that this exploit for this issue had existed in the wild, added it was privately disclosed to the company on January 17, 2023. Other details about how the flaws are being exploited are currently not known.

The other two bugs added to the catalog is

  • CVE-2004-1464 Cisco IOS Denial-of-Service Vulnerability
  • CVE-2016-6415 Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability

The bug was added to CISA Known Exploited Vulnerabilities Catalog, and the due date is set as June 09, 2023

Tags:

Leave a Reply

You may have missed

Microsoft to comply with LinkedIn GDPR Violation

Microsoft to comply with LinkedIn GDPR Violation

June 7, 2023
Google Fixes Third Chrome Zeroday

Google Fixes Third Chrome Zeroday

June 6, 2023
Moveit Attributed to Lace Tempest

Moveit Attributed to Lace Tempest

June 6, 2023
Byte Code Bites PYPI

Byte Code Bites PYPI

June 5, 2023
Enzo Biochem Suffers a Data Breach

Enzo Biochem Suffers a Data Breach

June 5, 2023
BlackSuit Ransomware Dissection

BlackSuit Ransomware Dissection

June 4, 2023
%d bloggers like this: