Home > Cyber News > CVE-2023-21492 in Samsung Devices that Run Android 11, 12, 13
CYBER NEWS

CVE-2023-21492 in Samsung Devices that Run Android 11, 12, 13

by   |  Last Update:  |  0 Comments  

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding active exploitation of medium-severity Samsung device vulnerability, tracked as CVE-2023-21492 and scoring 4.4 on CVSS. The issue impacts Samsung Devices running Android versions 11, 12, and 13.

What Is CVE-2023-21492?

The official technical description says that “Kernel pointers are printed in the log file prior to SMR May-2023 Release 1” thus allowing a privileged local attacker to bypass ASLR. ASLR is a preventative measure that obfuscates executable memory locations against memory corruption and code execution flaws.

CVE-2023-21492 in Samsung Devices that Run Android 11, 12, ND 13

According to Samsung, an attacker with privileges can launch an exploitation bypassing the address space layout randomization (ASLR) security protections in said Android versions.

Apparently, the vulnerability was privately discovered on January 17, 2023, and exploit for it existed in the wild since then. There are no further details regarding its abuse, yet earlier records show malicious software has been distributed via Samsung devices in the past.




According to the Google Project Zero research, in August 2020, a remote zero-click MMS attack was carried out, succeeding code execution via two buffer overwrite vulnerabilities in the Quram qmg library (SVE-2020-16747 and SVE-2020-17675).

CISA has added the flaw to its Known Exploited Vulnerabilities (KEV) catalogue, alongside two Cisco IOS bugs (CVE-2004-1464 and CVE-2016-6415), and orders Federal Civilian Executive Branch (FCEB) agencies to patch it before June 9, 2023. The agency has also added seven more flaws to the KEV catalog, the oldest of which is a 13-year-old Linux vulnerability (CVE-2010-3904) leading to unprivileged operation escalation.

Google Project Zero experts confirmed that the Samsung security flaw was discovered by Clement Lecigne of the Google Threat Analysis Group (TAG). This supports the indications of its exploitation for a spyware campaign.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  2. CVE-2023-24033, 17 Other Zero-Days in Exynos Chipsets Impact Android Devices Google Project Zero has highlighted a set of dangerous security...
  3. Apple Fixes CVE-2023-28206, CVE-2023-28205 Zero-Days Apple has released emergency updates to address two actively exploited...
  4. January 2023 Patch Tuesday Fixes Actively Exploited CVE-2023-21674 The first Patch Tuesday fixes shipped by Microsoft for 2023...
  5. Samsung Devices Randomly Sending Owners’ Photos to Contacts Do you have a Samsung smartphone? There is something you...
  6. The Best Smartphone for Oct 2014 The review for the best smartphone for October 2014 will...
  7. CVE-2023-29336: Microsoft Fixes Privilege Escalation Flaw in Win32k Microsoft has released its May 2023 Patch Tuesday updates to...
  8. SVE-2019-15435 Critical Bug: 40 Million Samsung Users at Risk SVE-2019-15435 is one of 21 vulnerabilities in Samsung devices which...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree