March 6, 2024 at 06:54AM
CISA added CVE-2023-21237 impacting Pixel phones and CVE-2021-36380 impacting Sunhillo SureLine to its Known Exploited Vulnerabilities catalog. The flaws affect Pixel phone users and the aviation industry, respectively. Federal agencies must address these flaws by March 26, with all organizations urged to prioritize vulnerability management.
Two vulnerabilities have been added to the US cybersecurity agency CISA’s Known Exploited Vulnerabilities (KEV) list:
1. The first vulnerability (CVE-2023-21237) impacts Pixel phones and is related to hiding foreground service notifications due to a misleading or insufficient UI. It was patched by Google in June 2023 after limited targeted exploitation was reported. While there is no public information on its exploitation, it may be part of an exploit chain used by a commercial spyware vendor to hack Pixel Android phones.
2. The second vulnerability (CVE-2021-36380) impacts Sunhillo SureLine, a surveillance data distribution and conversion product for the aviation industry. This critical unauthenticated OS command injection flaw was disclosed and patched in the summer of 2021. Exploitation attempts for this vulnerability were reported in November 2023 and are likely associated with the Mirai botnet.
CISA has instructed federal agencies to address these vulnerabilities by March 26, and all organizations are urged to prioritize vulnerability management.
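One way to act on the KEV additions above is to match the catalog against an asset inventory and rank open items by remediation deadline. The following is an added example, not part of the original article. It assumes entries shaped like CISA's KEV JSON feed (`cveID`, `vendorProject`, `product`, `dueDate`); the vendor/product strings, the inventory, and the year of the due date are constructed for illustration.

```python
from datetime import date

# Constructed sample in the shape of the KEV JSON feed. CVE ids and the
# March 26 deadline come from the article; vendor/product strings and the
# year (taken from the article's date) are assumptions.
KEV_SAMPLE = [
    {"cveID": "CVE-2023-21237", "vendorProject": "Google", "product": "Pixel",
     "dueDate": "2024-03-26"},
    {"cveID": "CVE-2021-36380", "vendorProject": "Sunhillo", "product": "SureLine",
     "dueDate": "2024-03-26"},
]

# Hypothetical inventory: each asset lists the CVEs already remediated on it.
INVENTORY = [
    {"asset": "pixel-fleet", "vendor": "google", "product": "pixel",
     "remediated": {"CVE-2023-21237"}},
    {"asset": "radar-gw-01", "vendor": "sunhillo", "product": "sureline",
     "remediated": set()},
    {"asset": "build-server", "vendor": "canonical", "product": "ubuntu",
     "remediated": set()},
]

def kev_findings(kev, inventory, today):
    """Return open KEV items per asset, most urgent (or most overdue) first."""
    by_product = {}
    for entry in kev:
        key = (entry["vendorProject"].casefold(), entry["product"].casefold())
        by_product.setdefault(key, []).append(entry)

    findings = []
    for asset in inventory:
        key = (asset["vendor"].casefold(), asset["product"].casefold())
        for entry in by_product.get(key, []):
            if entry["cveID"] in asset["remediated"]:
                continue  # fix already applied on this asset
            days_left = (date.fromisoformat(entry["dueDate"]) - today).days
            findings.append({"asset": asset["asset"], "cve": entry["cveID"],
                             "due": entry["dueDate"], "days_left": days_left,
                             "overdue": days_left < 0})
    return sorted(findings, key=lambda f: f["days_left"])

if __name__ == "__main__":
    for f in kev_findings(KEV_SAMPLE, INVENTORY, date.today()):
        status = "OVERDUE" if f["overdue"] else f"{f['days_left']} days left"
        print(f"{f['asset']}: {f['cve']} due {f['due']} ({status})")
```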