CISA Warns of Samsung Devices' Security Flaw

CISA Warns of Samsung Devices' Security Flaw, Allowing Android ASLR Bypass

GAGANDEEP SINGH 21-May-2023

[{"selector":"#anim-6f8439d4-76b7-4485-95f2-736a358a4312","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-02a43e4c-af0e-4784-a75a-65cd59bc5499","keyframes":{"transform":["translate3d(-121.52777%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-24b6312f-351b-43f4-a8f4-4f7cbc009d5d [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] U.S.A.'s Cybersecurity & Infrastructure Security Agency (CISA) has warned about a security flaw affecting Samsung devices.

[{"selector":"#anim-bd8c8df5-6e6f-4092-8092-9b972dac006b","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-09a3632a-b43f-48b0-9aaf-6e750dfeb3a0","keyframes":{"transform":["translate3d(-121.52777%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-d6500040-7479-4bfa-bdcb-58907eaf82a0 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate(0%, 0%) scale(1.5)","translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"forwards"}] The devices have been used for conducting attacks & bypass the operating system's security.

[{"selector":"#anim-25f4911a-35ec-4bd7-8bc0-4477acaa4bf5","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-654302d4-49e5-45c3-bd14-9321d0db3f4b","keyframes":{"transform":["translate3d(-121.52777%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-a187eca5-c9e9-4048-a4e9-a6ecfbe8dd01 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-32.37792958056996%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] The security vulnerability identified as CVE-20223-21492 affects the Samsung handset due to info in log files.

[{"selector":"#anim-35b30a99-765b-4aff-bc3e-5726ac1359b4","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-1040aa96-8111-4424-80b6-f2307c374b6f","keyframes":{"transform":["translate3d(-121.52777%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ee545d1c-6755-4cf1-8f18-30bdb0cb20f2 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(23.518870874332865%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] Info can be used by local attackers with high privileges to conduct a bypass which will enable exploitation.

[{"selector":"#anim-fcc8a530-93d8-4a45-be1d-9a3d6ab08a87","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-20bd4e02-440c-4d15-8497-4f96c80966fb","keyframes":{"transform":["translate3d(-120.48611%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-f63b27d3-b9a6-4b5f-b7af-a848f0f83662 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-12.514648210040342%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] Although Samsung did address this issue in its monthly security updates & ensured that it has been taken care of.

[{"selector":"#anim-7704b5ad-9d59-4488-9c1b-d9dc759d5032","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-e13af5dc-2ae9-4e4d-a35c-fa643072ba0a","keyframes":{"transform":["translate3d(-120.48611%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-ec8c6922-04c9-4d94-bc74-eeae415fb419 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(12.514648210040342%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] According to the SMR, the company has been informed about the vulnerability existing in the wild.

[{"selector":"#anim-391e4ce2-4c15-4240-bf6b-c514b727b14e","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-853b6378-1167-4df7-b630-59ec4d1654e9","keyframes":{"transform":["translate3d(-121.52777%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-340c3299-e6dc-4c5b-a369-9b6b6c085533 [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-12.514648210040342%, 0, 0) translate(-25%, 0%) scale(1.5)","translate3d(0%, 0, 0) translate(0%, 0%) scale(1)"]},"delay":0,"duration":2000,"fill":"forwards"}] However, Samsung did not share the details of the security flaw.

[{"selector":"#anim-d535d97c-ec4a-46b4-8732-c3649d8f49a3","keyframes":{"opacity":[0,1]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-6531ec63-9a4f-4cd4-b4e7-106178fe9c05","keyframes":{"transform":["translate3d(-121.52777%, 0px, 0)","translate3d(0px, 0px, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(0.2, 0.6, 0.0, 1)","fill":"both"}] [{"selector":"#anim-08eb107d-0bc6-433c-9e3d-f7e8c5d1e58e [data-leaf-element=\"true\"]","keyframes":{"transform":["translate3d(-19.391903338688866%, 0, 0)","translate3d(0%, 0, 0)"]},"delay":0,"duration":2000,"easing":"cubic-bezier(.3,0,.55,1)","fill":"both"}] These security flaws are frequently exploited as a part of a system exploit chain in highly targeted activities.

CISA Warns of Samsung Devices' Security Flaw, Allowing Android ASLR Bypass

Read the full story here.