TR-21-0512 (Android Güvenlik Zafiyeti)

Genel Bilgi

Android'in bazı versiyonlarında Bilgi İfşası, Hizmet Kesintisi ve Uzaktan Kod Çalıştırma zafiyeti tespit edilmiştir.

Etki

Mevcut zafiyetler nedeniyle hedef sistemler kontrol altına alınabilir. CVE kodları şöyledir:

CVE-2021-32695, CVE-2021-0534, CVE-2021-0535, CVE-2021-0554, CVE-2021-0555, CVE-2021-0556, CVE-2021-0557, CVE-2021-0558, CVE-2021-0559, CVE-2021-0561, CVE-2021-0562, CVE-2021-0563, CVE-2021-0564, CVE-2021-0565, CVE-2021-0566, CVE-2021-0567, CVE-2021-0568, CVE-2021-0569, CVE-2021-0570, CVE-2021-0571 ve CVE-2021-0572

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM) kullanıcı ve sistem yöneticilerine yayınlanan güncellemeleri incelemelerini ve gerekli güncellemeleri yapmalarını tavsiye etmektedir.

Kaynaklar

https://hackerone.com/reports/1142918

https://github.com/nextcloud/android/pull/8433

https://www.cybersecurity-help.cz/vdb/SB2021062205Information

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0534

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0535

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0554

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0556

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0558

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0564

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0570

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0572

https://www.cybersecurity-help.cz/vdb/SB2021062205

2021-06-23