Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

Critical vulnerability affects Samsung devices: CISA alert

The US cyber security agency reports a new flaw affecting Samsung devices with Android 11, 12 and 13. The risk is the circumvention of the ASLR protection system, fearing possible targeted attacks

Gruppo ECP

WE TURN YOUR GOALS INTO REALITY
Your competitive advantage starts here
DISCOVER HOW

Gruppo ECP

WE TURN YOUR GOALS INTO REALITY
Your competitive advantage
starts here
DISCOVER HOW

This pill is also available in Italian language

The US government agency specializing in infrastructure and cyber security, known as the US Infrastructure and Cyber Security Agency (CISA), recently reported a new entry in its Catalog of Known and Exploited Vulnerabilities. This vulnerability, labeled CVE-2023-21492 and with a CVSS severity score of 4.4, affects several Samsung-brand devices running Android versions 11, 12, and 13.

The specificity of this vulnerability lies in the disclosure of information, a mechanism that could allow potential attackers to circumvent the ASLR (Address Space Layout Randomization) protection system, designed to prevent the identification of specific memory addresses by malicious code. In practice, an attacker exploiting this vulnerability could bypass the ASLR mechanism, thus making it easier for malicious code to be executed on the affected device.

Samsung, the global technology industry giant, confirmed that it was notified of the existence of an exploit for this vulnerability as of mid-January 2023, with information privately sent to the company. The exploit was later fixed, but neither CISA nor Samsung offered further details on the nature of the exploitation of this vulnerability.

It should be mentioned that in the past the vulnerabilities present in Samsung phones have been used by commercial entities that distribute spyware to inject various types of malware into the devices. Again, the vulnerability has been placed on the known exploit list for zero-day vulnerabilities, a document curated by Google Project Zero researchers that catalogs all known vulnerabilities of this type.

According to Google's Project Zero report, the vulnerability was discovered by Clement Lecigne, a member of Google's TAG team. More worryingly, this vulnerability was used as part of a more complex exploit chain used for targeted attacks against users of Samsung devices in the United Arab Emirates (UAE). The case therefore highlights the importance of continuous vigilance on the IT security front, with the research and elimination of any vulnerabilities that can expose users to potential risks.

Follow us on Twitter for more pills like this

05/24/2023 16:00

Marco Verro

Last pills

Cloudflare repels the most powerful DDoS attack ever recordedAdvanced defense and global collaboration to tackle new challenges of DDoS attacks

Silent threats: the zero-click flaw that compromises RDP serversHidden risks in remote work: how to protect RDP servers from invisible attacks

Discovery of vulnerability in Secure Boot threatens device securityFlaw in the Secure Boot system requires urgent updates to prevent invisible intrusions

North korean cyberattacks and laptop farming: threats to smart workingAdapting to new digital threats of remote work to protect vital data and infrastructures

Don’t miss the most important news
Enable notifications to stay always updated