Samsung and D-Link Under Cyber Threat: Eight New Vulnerabilities Detected by CISA

Reading Time: ( Word Count: )

July 4, 2023
Nextdoorsec-course

The Cybersecurity & Infrastructure Security Agency (CISA), renowned for issuing preventive measures to organizations based on recent research and threat actor exploits, has added and publicized a list of eight newly identified vulnerabilities being exploited by attackers.

These vulnerabilities are associated with two major entities, Samsung and D-Link.

Vulnerabilities (CVEs):

The eight new vulnerabilities include the following:

Samsung and D-Link Under Cyber Threat
  • CVE-2019-17621: D-Link DIR-859 Router Command Execution Vulnerability: Found in D-Link’s UPnP endpoint, this vulnerability has a CVSS Score of 9.8, indicating a critical risk.
  • CVE-2019-20500: D-Link DWL-2600AP Access Point Command Injection Vulnerability: This vulnerability, located in the configBackup or downloadServerip parameter, has a CVSS Score of 7.8, denoting a high risk.

In March 2023, threat actors exploited these D-Link vulnerabilities (CVE-2019-17621, CVE-2019-20500) to disseminate a variant of the Mirai botnet.

Also Read: “Inside Meduza Stealer’s Web: 19 Password Managers and 76 Crypto Wallets at Risk”

Samsung Mobile Devices Vulnerabilities:

  • CVE-2021-25487: Samsung Mobile Devices Out-of-Bounds Read Vulnerability: This flaw, resulting from the absence of boundary checks in a buffer, has a CVSS Score of 7.8, marking a high risk.
  • CVE-2021-25489: Samsung Mobile Devices Improper Input Validation Vulnerability: Due to insufficient input validation in the modem interface, this vulnerability exists, earning a CVSS Score of 5.5, indicating a medium risk.
  • CVE-2021-25394: Samsung Mobile Devices Race Condition Vulnerability: This vulnerability occurs as a race condition in the charger drivers and has a CVSS Score of 6.4, signifying a medium risk.
  • CVE-2021-25395: Samsung Mobile Devices Race Condition Vulnerability: A race condition in the charger driver enables local attackers to bypass signature checks, resulting in a CVSS Score of 6.4, reflecting a medium risk.
  • CVE-2021-25371: Samsung Mobile Devices Unspecified Vulnerability: Attackers can load arbitrary ELF libraries due to this vulnerability in the DSP driver, which has a CVSS Score 6.7, indicating a medium risk.
  • CVE-2021-25372: Samsung Mobile Devices Improper Boundary Check Vulnerability: This vulnerability arises from inadequate boundary checks in the DSP driver, allowing out-of-bounds memory access, earning it a CVSS Score of 6.7, signifying a medium risk.

There haven’t been publicly reported cases of these Samsung mobile device vulnerabilities being exploited. However, a commercial spyware vendor probably has already taken advantage of these vulnerabilities.

CISA released this list under the Binding Operational Directive to mitigate the potential risks these known exploits could pose to the federal enterprise.

Product users are encouraged to install the most recent vendor patches to reduce the risk of potential cyber-attacks.

Saher Mahmood

Saher Mahmood

Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Top Security Practices to Protect Your Data in Cloud Services

Top Security Practices to Protect Your Data in Cloud Services

Cloud services make storing and accessing your data simple and flexible, but they also bring new security ...
Boosting Efficiency With Law Firm IT Solutions: A Guide for Small Practices

Boosting Efficiency With Law Firm IT Solutions: A Guide for Small Practices

Small law firms often juggle multiple responsibilities with limited resources, making efficiency a top priority. ...
Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *