Write new article from this text only in smaller paragraphs
There is a vulnerability in Samsung’s smartphones that attackers are currently actively exploiting. The firmware updates for the Android devices from this May close the gap. Users should therefore install them if they are available. The US cyber security authority CISA has included the vulnerability in the Known Exploited Vulnerabilities catalogue. This means that IT researchers have observed the vulnerability being exploited in attacks in the wild. Samsung cell phones: medium-risk vulnerability The vulnerability allows sensitive information such as kernel pointers to end up in the log files. This allows local attackers with elevated privileges to bypass ASLR – Address Space Layout Randomization, a feature to protect against attacks. As a result, they can circumvent the protective measure and inject and execute malicious code (CVE-2023-21492, CVSS 4.4, risk “medium”). Samsung’s update summary for May states that the vulnerability was reported to the company in mid-January. The update removes kernel pointers in the log files, the developers explain briefly. However, they also inform there that Samsung has received indications that an exploit to take advantage of the problem exists in the wild. Neither Samsung nor CISA explain what the observed attacks look like. Neither who carries them out nor what they actually do. A link to other security gaps would be conceivable, since attackers first have to gain higher rights. However, spyware could simply request such rights from victims during installation. Samsung closed the gap with updates in May. Samsung users should therefore check whether a firmware update is already available for their mobile device and have it installed if it is available. (dmk) Home
