Skip to main content

Samsung Products Multiple Vulnerabilities

Release Date: 3 May 2023 4911 Views

RISK: Medium Risk

TYPE: Operating Systems - Mobile & Apps

TYPE: Mobile & Apps

Multiple vulnerabilities were identified in Samsung Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution,  security restriction bypass, data manipulation and sensitive information disclosure on the targeted system.

 

Note:

CVE-2023-21492 is being exploited in the wild. The vulnerability is related to kernel pointers printed in the log file that allows a privileged local attacker to bypass ASLR.


Impact

  • Denial of Service
  • Elevation of Privilege
  • Information Disclosure
  • Remote Code Execution
  • Security Restriction Bypass
  • Data Manipulation

System / Technologies affected

  • Android 11, 12, 13
  • Selected Android 11, 12, 13 Qualcomm devices
  • Select devices using Exynos CP chipsets

 

For affected products, please refer to the link below:

https://security.samsungmobile.com/securityUpdate.smsb


Solutions

Before installation of the software, please visit the vendor web-site for more details.


Vulnerability Identifier


Source


Related Link