The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a set of eight flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
This includes six shortcomings affecting Samsung smartphones and two vulnerabilities impacting D-Link devices. All the flaws have been patched as of 2021.
- CVE-2021-25394 (CVSS score: 6.4) – Samsung mobile devices race condition vulnerability
- CVE-2021-25395 (CVSS score: 6.4) – Samsung mobile devices race condition vulnerability
- CVE-2021-25371 (CVSS score: 6.7) – An unspecified vulnerability in the DSP driver used in Samsung mobile devices that allows loading of arbitrary ELF libraries