The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a medium-severity flaw affecting Samsung devices.
The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13.
The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a privileged attacker to bypass address space layout randomization (ASLR) protections.
Samsung, in an advisory released this month, said it was “notified that an exploit for this issue had existed in the wild,” adding it was privately disclosed to the company on January 17, 2023.
Other details about how the flaw is being exploited are currently not known, but vulnerabilities in Samsung phones have been weaponized by commercial spyware vendors in the past to deploy malicious software.
In light of active abuse, CISA has added the shortcoming to its Known Exploited Vulnerabilities (KEV) catalog, alongside two Cisco IOS flaws (CVE-2004-1464 and CVE-2016-6415), urging Federal Civilian Executive Branch (FCEB) agencies to apply patches by June 9, 2023.
Last week, CISA also added seven vulnerabilities to the KEV catalog, the oldest of which is a 13-year-old bug impacting Linux (CVE-2010-3904) that allows an unprivileged local attacker can escalate their privileges to root.
Source: https://thehackernews.com/