Critical vulnerability affects Samsung devices: CISA alert
The US cyber security agency reports a new flaw affecting Samsung devices running Android 11, 12 and 13. The risk is circumvention of the ASLR protection system, raising fears of possible targeted attacks.
The US government agency responsible for infrastructure and cyber security, the Cybersecurity and Infrastructure Security Agency (CISA), recently added a new entry to its Known Exploited Vulnerabilities Catalog. This vulnerability, labeled CVE-2023-21492 and with a CVSS severity score of 4.4, affects several Samsung-brand devices running Android versions 11, 12, and 13.
The vulnerability is an information disclosure flaw that could allow potential attackers to circumvent ASLR (Address Space Layout Randomization), a protection designed to prevent malicious code from identifying specific memory addresses. In practice, an attacker exploiting this vulnerability could bypass the ASLR mechanism, making it easier for malicious code to be executed on the affected device.
Samsung, the global technology industry giant, confirmed that it was notified of the existence of an exploit for this vulnerability as of mid-January 2023, with the information sent privately to the company. The flaw was later fixed, but neither CISA nor Samsung offered further details on how the vulnerability was exploited.
It should be mentioned that in the past, vulnerabilities in Samsung phones have been used by commercial entities that distribute spyware to inject various types of malware into the devices. This vulnerability has also been placed on the list of zero-day vulnerabilities known to be exploited, a document curated by Google Project Zero researchers that catalogs all known vulnerabilities of this type.
According to Google's Project Zero report, the vulnerability was discovered by Clement Lecigne, a member of Google's TAG team. More worryingly, this vulnerability was used as part of a more complex exploit chain in targeted attacks against users of Samsung devices in the United Arab Emirates (UAE). The case therefore highlights the importance of continuous vigilance on the IT security front, with vulnerabilities that can expose users to potential risks being found and eliminated.
05/24/2023 16:00
Editorial AI