Saturday , September 7 2024
Samsung

Samsung mobile devices 25 flaws patched

Samsung has patched 25 vulnerabilities in its mobile devices. This is to strengthen them against code execution and privilege escalation attacks. Samsung is continuously working to improve the security of its smartphones and tablets, protecting the safety and privacy of its users.

Samsung recently disclosed vulnerabilities, known as Samsung Vulnerabilities and Exposures (SVE) items, in their latest security bulletin.

Cisco released security updates for two critical security flaws

CISCO released security updates for two critical security flaws impacting its smart Licensing Utility that could allow unauthenticated, remote attackers...
Read More
Cisco released security updates for two critical security flaws

OpenBAS: Cutting-edge breach and attack simulation platform

OpenBAS is a platform that helps organizations to plan, schedule, and conduct crisis exercises, adversary simulations, and breach simulations. OpenBAS...
Read More
OpenBAS: Cutting-edge breach and attack simulation platform

Critical Security Flaws Patched in Zyxel Networking Devices

Zyxel has released software updates to fix a serious security issue in certain access point (AP) and security router versions....
Read More
Critical Security Flaws Patched in Zyxel Networking Devices

CVE-2024-38811: CEV In VMware Fusion Unveiled

VMware released a security advisory for a major vulnerability in the VMware Fusion product. This vulnerability could be exploited by...
Read More
CVE-2024-38811: CEV In VMware Fusion Unveiled

CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

Indian Computer Emergency Response Team (CERT-IN) issued advisories about multiple vulnerabilities in various Palo Alto Networks applications. Attackers could exploit...
Read More
CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

How Malaysia’s Data Centre Industry Poised for Growth

Malaysia is quickly becoming a leading choice for investing in data centers. It aims to generate RM3.6 billion (US$781 million)...
Read More
How Malaysia’s Data Centre Industry Poised for Growth

RansomHub exfiltrated data over 210 victims: US alert

US authorities have issued a cybersecurity advisory about a ransomware group called RansomHub. The group is thought to have stolen data...
Read More
RansomHub exfiltrated data over 210 victims: US alert

Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

There is a new way to attack Atlassian Confluence using the vulnerability CVE-2023-22527. The Confluence Data Center and Server products...
Read More
Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

New Cicada ransomware targets VMware ESXi servers

The Cicada3301 ransomware is made in Rust and attacks Windows and Linux/ESXi hosts. Truesec researchers examined a version that targets...
Read More
New Cicada ransomware targets VMware ESXi servers

Monday hits two UK bank apps causes outages

Lloyds Bank and Virgin Money's internet banking services were down on Monday, causing trouble for users to access and view...
Read More
Monday hits two UK bank apps causes outages

The problems affected different parts of Samsung devices, such as the operating system, firmware, and Samsung’s own software.

The vulnerabilities could let bad actors run harmful code on the devices or increase their privileges, getting unauthorized access to important information or system functions.

Samsung quickly responded to security threats, showing their commitment to protecting users from cyber threats.

SVE-2023-1778 (CVE-2024-20866):
There was a vulnerability in the Setupwizard that allowed unauthorized users to bypass device setup authentication. The patch for this vulnerability fixed the issue by removing unnecessary internet access during setup to prevent unauthorized access.

SVE-2023-2193 (CVE-2024-20855):
There was a problem with access control in the multitasking framework, which could have let unauthorized users access and control multitasking functions, allowing privilege escalation attacks. The update fixed this by imposing stricter access controls.

SVE-2023-2265 (CVE-2024-20856):
Samsung’s Secure Folder had a security flaw that allowed hackers to bypass authentication and access private data stored in it. The flaw has been fixed.

SVE-2024-0092 (CVE-2024-20861) and SVE-2024-0096 (CVE-2024-20862):

SveService had vulnerabilities: a use-after-free issue and an out-of-bounds write flaw. Both could allow arbitrary code execution. The patches fixed these memory corruption issues to prevent exploitation.

SVE-2024-0234 (CVE-2024-20865):
An authentication bypass in the bootloader allowed physical attackers to flash any images. The patch has added verification checks to prevent unauthorized flashing, improving the security of the device’s boot process.

SVE-2024-0357 (CVE-2024-20864):
A security issue in DarManagerService was fixed. This issue could have allowed unauthorized access, which could lead to further attacks.

The fixed vulnerabilities were included in a larger security update from Google that addressed issues with the Android operating system.

Check Also

coding

Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

There is a new way to attack Atlassian Confluence using the vulnerability CVE-2023-22527. The Confluence …

Leave a Reply

Your email address will not be published. Required fields are marked *