CVE-2023-21492
Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
CVSS
—
Sin CVSS
EPSS
2.6%
p83
KEV
SÍ
19 may 2023
Exploit Today
75
0-100
Publicado: — · Última mod.: —
Producto
Samsung / Mobile Devices
Vulnerabilidad
Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
Añadido a KEV
19 may 2023
Remediar antes de
9 jun 2023
Uso conocido en ransomware
No
Descripción resumida
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.
Acción requerida
Apply updates per vendor instructions.
Notas
https://security.samsungmobile.com/securityUpdate.smsb; https://nvd.nist.gov/vuln/detail/CVE-2023-21492