The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the active exploitation of a medium-severity vulnerability affecting Samsung devices running Android versions 11, 12, and 13. The vulnerability, tracked as CVE-2023-21492 and given a CVSS score of 4.4, is an information disclosure flaw that can be used by a privileged attacker to bypass address space layout randomization (ASLR) protections. Samsung has confirmed that an exploit for this issue was found in the wild and privately reported to the company on January 17, 2023.
It is unknown how this flaw is being exploited, but previous vulnerabilities in Samsung phones have been used by commercial spyware vendors. In August 2020, Google Project Zero demonstrated a remote zero-click MMS attack that leveraged two buffer overwrite flaws to defeat ASLR and achieve code execution.
In light of active abuse, CISA has added the flaw to its Known Exploited Vulnerabilities (KEV) catalog, alongside two Cisco IOS flaws, and has urged Federal Civilian Executive Branch (FCEB) agencies to apply patches by June 9, 2023.
Last week, CISA also added seven additional vulnerabilities to the KEV catalog, including a 13-year-old bug impacting Linux (CVE-2010-3904) that allows an unprivileged local attacker to escalate their privileges to root.
Source: Hackernews
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA (www.infrascan.net), or you can try it yourself using check.website.