CVE-2016-4032
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.
Samsung en los dispositivos SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), y GT-I9505 build I9505XXUHOJ2 (Galaxy S4) no bloquean AT+USBDEBUG y AT+WIFIVALUE, lo que permite a los atacantes modificar la configuraciĆ³n de Android aprovechando el acceso AT, tambiĆ©n conocido como SVE-2016-5301.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-04-15 CVE Reserved
- 2017-04-13 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-284: Improper Access Control
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/97650 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004 | 2024-08-06 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Samsung Search vendor "Samsung" | Galaxy S6 Firmware Search vendor "Samsung" for product "Galaxy S6 Firmware" | g920fxxu2coh2 Search vendor "Samsung" for product "Galaxy S6 Firmware" and version "g920fxxu2coh2" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy S6 Search vendor "Samsung" for product "Galaxy S6" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy Note 3 Firmware Search vendor "Samsung" for product "Galaxy Note 3 Firmware" | n9005xxugbob6 Search vendor "Samsung" for product "Galaxy Note 3 Firmware" and version "n9005xxugbob6" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy Note 3 Search vendor "Samsung" for product "Galaxy Note 3" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy S4 Mini Firmware Search vendor "Samsung" for product "Galaxy S4 Mini Firmware" | i9192xxubnb1 Search vendor "Samsung" for product "Galaxy S4 Mini Firmware" and version "i9192xxubnb1" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy S4 Mini Search vendor "Samsung" for product "Galaxy S4 Mini" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy S4 Mini Lte Firmware Search vendor "Samsung" for product "Galaxy S4 Mini Lte Firmware" | i9195xxucol1 Search vendor "Samsung" for product "Galaxy S4 Mini Lte Firmware" and version "i9195xxucol1" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy S4 Mini Lte Search vendor "Samsung" for product "Galaxy S4 Mini Lte" | - | - |
Safe
|
| Samsung Search vendor "Samsung" | Galaxy S4 Firmware Search vendor "Samsung" for product "Galaxy S4 Firmware" | i9505xxuhoj2 Search vendor "Samsung" for product "Galaxy S4 Firmware" and version "i9505xxuhoj2" | - |
Affected
| in | Samsung Search vendor "Samsung" | Galaxy S4 Search vendor "Samsung" for product "Galaxy S4" | - | - |
Safe
|