Select Page

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a set of eight flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices. All the flaws have been patched as of 2021.

  • CVE-2021-25394 (CVSS score: 6.4) – Samsung mobile devices race condition vulnerability
  • CVE-2021-25395 (CVSS score: 6.4) – Samsung mobile devices race condition vulnerability
  • CVE-2021-25371 (CVSS score: 6.7) – An unspecified vulnerability in the DSP driver used in Samsung mobile devices that allows loading of arbitrary ELF libraries
  • CVE-2021-25372 (CVSS score: 6.7) – Samsung mobile devices improper boundary check within the DSP driver in Samsung mobile devices
  • CVE-2021-25487 (CVSS score: 7.8) – Samsung mobile devices out-of-bounds read vulnerability leading to arbitrary code execution
  • CVE-2021-25489 (CVSS score: 5.5) – Samsung Mobile devices improper input validation vulnerability resulting in kernel panic
  • CVE-2019-17621 (CVSS score: 9.8) – An unauthenticated remote code execution vulnerability in D-Link DIR-859 Router
  • CVE-2019-20500 (CVSS score: 7.8) – An authenticated OS command injection vulnerability in D-Link DWL-2600AP

The addition of the two D-Link vulnerabilities follows a report from Palo Alto Networks Unit 42 last month about threat actors associated with a Mirai botnet variant leveraging flaws in several IoT devices to propagate the malware in a series of attacks beginning in March 2023.

images from Hacker News