CVE-2023-21509
Description
Out-of-bounds write vulnerability while processing BC_TUI_CMD_UPDATE_SCREEN in the bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.12.1 allows a local attacker to execute arbitrary code.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Out-of-bounds write in Samsung Blockchain Keystore bc_tui trustlet via BC_TUI_CMD_UPDATE_SCREEN allows local code execution before 1.3.12.1.
Vulnerability
An out-of-bounds write vulnerability exists in the bc_tui trustlet of Samsung Blockchain Keystore when processing the BC_TUI_CMD_UPDATE_SCREEN command. This occurs in versions prior to 1.3.12.1. The flaw allows writing beyond the allocated buffer boundaries during screen update handling.
Exploitation
The attacker must have local access to the device and be able to send crafted BC_TUI_CMD_UPDATE_SCREEN commands to the bc_tui trustlet. No additional authentication or user interaction is required beyond local execution rights. The exact exploitation steps are not detailed in the available references, but the out-of-bounds write condition can be triggered by supplying a command with manipulated size or offset parameters.
Impact
Successful exploitation allows the local attacker to execute arbitrary code within the context of the trustlet, potentially leading to full compromise of the Blockchain Keystore's security functions. This could result in disclosure or modification of sensitive cryptographic material stored by the keystore.
Mitigation
Samsung has addressed this vulnerability in Blockchain Keystore version 1.3.12.1, released in May 2023 [1]. Users should update to this version or later via Samsung's security update process. No workaround other than applying the update is documented.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Range: <1.3.12.1
- Range: unspecified
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.