Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw

[MuzzMelbourne]

Content source

https://thehackernews.com/2023/05/samsung-devices-under-active.html

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices.

The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13.

The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a privileged attacker to bypass address space layout randomization (ASLR) protections.

ASLR is a security technique that's designed to thwart memory corruption and code execution flaws by obscuring the location of an executable in a device's memory.

Samsung Devices Under Active Exploitation! CISA Warns of Critical Flaw

Heads up, Samsung devices under attack! CISA warns of an active exploitation targeting a medium-severity flaw.

thehackernews.com

 

[Freki123]

"Samsung, in an advisory released this month, said it was "notified that an exploit for this issue had existed in the wild," adding it was privately disclosed to the company on January 17, 2023."
Glad they move sooo fast

 

[MuzzMelbourne]

"Samsung, in an advisory released this month, said it was "notified that an exploit for this issue had existed in the wild," adding it was privately disclosed to the company on January 17, 2023."
Glad they move sooo fast

When I was posting this I saw a similar January post from Gandalf and I thought it couldn't be the same issue, but...