Monday, 22 May 2023 11:33

Samsung Discloses Medium Vulnerability Exploited in the Wild First Identified in January 2023

Written by

Reading time is around minutes.

First identified in January of 2023, Samsung has put a warning about a CVSS 4.4 vulnerability (CVE-2023-21492) that Is actively being exploited in the wild. The flaw, which impacts Samsung devices that are running Android 11, 12, and 13, was first disclosed to Samsung privately on January 17th, 2023. CISA (Cybersecurity and Infrastructure Security Agency) has also issued a warning about the flaw.

CVE-2023-21492 is an information disclosure flaw that allows an attacker to bypass memory address randomization protections (ASLR – Address Space Layout Randomization). These protections are designed to prevent an attacker from easily reading or identifying locations in memory for specific process or binary. By randomizing the layout, it can help with preventing injecting code, or reading malicious code pushed into memory for later use (in overly simplistic terms).

The discovery of such a low CVSS (4.4) scored vulnerability being actively exploited in the wild is a great illustration of why the common practice of chasing critical and high vulnerabilities for patching is no longer matching the threat landscape. Following this practice (as Samsung might have done) this vulnerability would be left on the table and not patched. Attackers know this and will move in to leverage an exposure that might be left behind.

Instead of just going after the high and critical vulnerabilities organizations should enrich their data with EPSS and KEV data (Exploitation Probability Scoring System and Known Exploited Vulnerabilities). By adding this data into existing CVSS data it can help prioritize remediation efforts to reduce exposure to attack. This is not saying that you should not remediate critical and high vulnerabilities, but that you should focus on removing probable and known attack vectors first to reduce the risk of compromise and not just focus on what is at the top of the CVSS scale.

Read 357 times

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.