// For flags

CVE-2016-4030

 

Severity Score

6.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.

Samsung en dispositivos SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), y GT-I9505 build I9505XXUHOJ2 (Galaxy S4) tienen disponibilidad no deseada del módem en el número de configuración USB 2 dentro del estado de caída seguro, lo que permite a un atacante realizar llamadas telefónicas, enviar mensajes de texto o emitir comandos, también conocido como SVE-2016-5301.

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-04-15 CVE Reserved
  • 2017-04-13 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-284: Improper Access Control
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Samsung
Search vendor "Samsung"
Galaxy S6 Firmware
Search vendor "Samsung" for product "Galaxy S6 Firmware"
g920fxxu2coh2
Search vendor "Samsung" for product "Galaxy S6 Firmware" and version "g920fxxu2coh2"
-
Affected
in Samsung
Search vendor "Samsung"
Galaxy S6
Search vendor "Samsung" for product "Galaxy S6"
--
Safe
Samsung
Search vendor "Samsung"
Galaxy Note 3 Firmware
Search vendor "Samsung" for product "Galaxy Note 3 Firmware"
n9005xxugbob6
Search vendor "Samsung" for product "Galaxy Note 3 Firmware" and version "n9005xxugbob6"
-
Affected
in Samsung
Search vendor "Samsung"
Galaxy Note 3
Search vendor "Samsung" for product "Galaxy Note 3"
--
Safe
Samsung
Search vendor "Samsung"
Galaxy S4 Mini Firmware
Search vendor "Samsung" for product "Galaxy S4 Mini Firmware"
i9192xxubnb1
Search vendor "Samsung" for product "Galaxy S4 Mini Firmware" and version "i9192xxubnb1"
-
Affected
in Samsung
Search vendor "Samsung"
Galaxy S4 Mini
Search vendor "Samsung" for product "Galaxy S4 Mini"
--
Safe
Samsung
Search vendor "Samsung"
Galaxy S4 Mini Lte Firmware
Search vendor "Samsung" for product "Galaxy S4 Mini Lte Firmware"
i9195xxucol1
Search vendor "Samsung" for product "Galaxy S4 Mini Lte Firmware" and version "i9195xxucol1"
-
Affected
in Samsung
Search vendor "Samsung"
Galaxy S4 Mini Lte
Search vendor "Samsung" for product "Galaxy S4 Mini Lte"
--
Safe
Samsung
Search vendor "Samsung"
Galaxy S4 Firmware
Search vendor "Samsung" for product "Galaxy S4 Firmware"
i9505xxuhoj2
Search vendor "Samsung" for product "Galaxy S4 Firmware" and version "i9505xxuhoj2"
-
Affected
in Samsung
Search vendor "Samsung"
Galaxy S4
Search vendor "Samsung" for product "Galaxy S4"
--
Safe