CISA Warning! 8 Actively Exploited Flaws in Samsung and D-Link Devices - #CVE-2021-25487
In July 2023, the Cybersecurity and Infrastructure Security Agency (CISA) identified six vulnerabilities in Samsung smartphones and two vulnerabilities in D-Link routers that were actively being exploited. Although patches had been released by Samsung and D-Link in 2021, threat actors were still leveraging these security flaws to compromise devices.The Samsung vulnerabilities allowed for arbitrary code execution, privilege escalation and unauthorized access while the D-Link flaws permitted remote code execution and command injection.To mitigate risk, CISA directed Federal agencies to patch the vulnerabilities by July 2023 and recommended all organizations prioritize remediating security issues in the CISA catalog of exploited vulnerabilities. By implementing automated patch management and vulnerability monitoring, companies can help secure their networks and systems.