CISA Warns of Samsung Devices' Security Flaw, Allowing Android ASLR Bypass



U.S.A.'s Cybersecurity & Infrastructure Security Agency (CISA) has warned about a security flaw affecting Samsung devices.

The devices have been used for conducting attacks & bypass the operating system's security.

The security vulnerability identified as CVE-20223-21492 affects the Samsung handset due to info in log files.

Info can be used by local attackers with high privileges to conduct a bypass which will enable exploitation.

Although Samsung did address this issue in its monthly security updates & ensured that it has been taken care of.

According to the SMR, the company has been informed about the vulnerability existing in the wild.

However, Samsung did not share the details of the security flaw.

These security flaws are frequently exploited as a part of a system exploit chain in highly targeted activities.

Read the full story here.