CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 64.7%

CVSS Severity

CVSS v3 Score 4.4

Proposed Action

Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.

Ransomware Campaign

Unknown

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=05

Products affected by CVE-2023-21492

Samsung » Android » Version: 11.0

cpe:2.3:o:samsung:android:11.0
Samsung » Android » Version: 12.0

cpe:2.3:o:samsung:android:12.0
Samsung » Android » Version: 13.0

cpe:2.3:o:samsung:android:13.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-21492

Products

Pricing

Contact Us