CVE-2023-21492 - Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
Samsung | Mobile Devices
- Date Added:
- 2023-05-19
- Due Date:
- 2023-06-09
- Vulnerability Name
Samsung Mobile Devices Insertion of Sensitive Information Into Log File Vulnerability
- Description
Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://security.samsungmobile.com/securityUpdate.smsb; https://nvd.nist.gov/vuln/detail/CVE-2023-21492
Free online web security scanner