CVE-2016-4032
published 2017-04-13CVE-2016-4032: Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build…
medium4.6CVSS 3.0
AVPACLPRNUINSUCNIHAN
Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | galaxy_note_3_firmware | — | — |
| samsung | galaxy_s4_firmware | — | — |
| samsung | galaxy_s4_mini_firmware | — | — |
| samsung | galaxy_s4_mini_lte_firmware | — | — |
| samsung | galaxy_s6_firmware | — | — |