CISA KEV Update March 2024 – Part I



The U.S. CISA has added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

  • CVE-2023-21237 Android Pixel Information Disclosure Vulnerability
  • CVE-2021-36380 Sunhillo SureLine OS Command Injection Vulnerability
  • CVE-2024-21338 Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability

The first is an Android Pixel vulnerability in applyRemoteView of NotificationContentInflater.java. Successful exploitation leads to local information disclosure with no additional execution privileges needed, and no user interaction is required.

An information leak of this kind is of limited value on its own, so the issue was likely chained with other flaws in an exploit used by a commercial spyware vendor or a nation-state actor.

The second issue added to the catalog is an OS command injection vulnerability in Sunhillo SureLine. Exploitation allows an attacker to execute arbitrary commands with root privileges, which amounts to complete compromise of the device.
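As an added illustration (this is not Sunhillo's code and does not reproduce the SureLine flaw itself; the handler, parameter names and sample payload are constructed for the example), the snippet below models the pattern behind this class of bug: a network-diagnostic handler pastes a request parameter into a command string that is handed to /bin/sh, so shell metacharacters in an address field run extra commands with the handler's privileges. The hardened form validates the value as an IP address and passes it as a separate argv element with no shell involved. `echo` stands in for the real diagnostic tool so the code runs offline and harmlessly.

```python
"""Constructed example: OS command injection in a network-diagnostic handler.

Added to this KEV write-up as an illustration; not vendor code.
The request parameter name (addr) and the sample payload are assumptions.
"""
import ipaddress
import subprocess


def diag_cmdline_vulnerable(addr: str) -> str:
    # Vulnerable pattern: the request parameter is spliced into a shell
    # command line. Anything the shell treats specially (; | && ` $( ) \n)
    # becomes part of the command rather than data.
    # (A real product would run ping/traceroute; echo keeps this runnable.)
    return f"echo diag {addr}"


def run_diag_vulnerable(addr: str) -> str:
    # shell=True hands the whole string to /bin/sh, so "127.0.0.1; id" runs
    # id as the web server's user (root on many appliances).
    proc = subprocess.run(diag_cmdline_vulnerable(addr), shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def validate_addr(addr: str) -> str:
    # Allow-list validation: the field must parse as an IPv4/IPv6 address.
    # Anything else (including every shell metacharacter) is rejected.
    try:
        return str(ipaddress.ip_address(addr))
    except ValueError:
        raise ValueError(f"not an IP address: {addr!r}") from None


def run_diag_hardened(addr: str) -> str:
    # Hardened form: validated value, argv list, no shell. Even if validation
    # were skipped, the payload would reach echo as a single literal argument.
    safe = validate_addr(addr)
    proc = subprocess.run(["echo", "diag", safe], shell=False,
                          capture_output=True, text=True)
    return proc.stdout


def is_injection_attempt(addr: str) -> bool:
    # Detection hint for log or WAF review: an address field that carries
    # shell metacharacters is never legitimate traffic.
    return any(ch in addr for ch in ";|&`$()<>\n")


if __name__ == "__main__":
    payload = "127.0.0.1; echo INJECTED"   # constructed sample request value
    print("vulnerable :", repr(run_diag_vulnerable(payload)))
    print("flagged    :", is_injection_attempt(payload))
    try:
        run_diag_hardened(payload)
    except ValueError as exc:
        print("hardened   : rejected ->", exc)
    print("hardened ok:", repr(run_diag_hardened("127.0.0.1")))
```

If the field legitimately accepts hostnames as well as IP addresses, extend `validate_addr` with a strict allow-list (letters, digits, dots and hyphens) rather than trying to strip metacharacters; the argv-without-shell call remains the control that actually removes the injection surface.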

The third vulnerability is in the Windows kernel: a kernel driver exposes an IOCTL with insufficient access control, and an attacker who can call it can elevate to SYSTEM privileges. This is a local privilege escalation, so the threat actor must first log in to the system (or already be running code on it) and then execute a specially crafted application that issues the IOCTL to take control of the compromised host.

CISA orders federal agencies to fix these vulnerabilities by March 26, 2024.
