The U.S. government has reported active exploitation of various vulnerabilities in smartphones manufactured by Samsung. These vulnerabilities, for which Samsung released patches in 2021, encompass six security flaws that could allow an attacker to execute arbitrary code. However, specific details about the attacks have not been disclosed by the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security.
Limited Information and Impact
Samsung has not publicly acknowledged any attacks. However, based on the impact scores assigned to these vulnerabilities, an attacker is suspected to require prior access to the device to exploit them likely. The only vulnerability with a “high” impact rating is CVE-2021-25487, for which an update was released in October 2021. This vulnerability enables an attacker to execute arbitrary code.
CISA’s Role and Deadlines
The CISA maintains a list of actively exploited vulnerabilities and establishes deadlines for federal government agencies to install the updates addressing these issues. The list, which provides insights into vulnerabilities being targeted by attackers, is periodically expanded with newly attacked security flaws. The latest update to the list includes the targeted Samsung vulnerabilities and two targeted vulnerabilities in D-Link routers. U.S. federal government agencies have been instructed to install the relevant updates by July 20th.
