CVE-2016-4030

Published on: 04/13/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:26:57 PM UTC

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Galaxy Note 3 from Samsung contain the following vulnerability:

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.

  • CVE-2016-4030 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 6.8 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
PHYSICAL LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 4.6 - MEDIUM

Access
Vector
Access
Complexity
Authentication
LOCAL LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Multiple Samsung Galaxy Products CVE-2016-4030 Security Bypass Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 97701
advisories/android/samsung/nocve-2016-0004 at master · ud2/advisories · GitHub Exploit
Technical Description
Third Party Advisory
github.com
text/html
URL Logo MISC github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
HardwareSamsungGalaxy Note 3-AllAllAll
HardwareSamsungGalaxy Note 3-AllAllAll
Operating
System
SamsungGalaxy Note 3 Firmwaren9005xxugbob6AllAllAll
Operating
System
SamsungGalaxy Note 3 Firmwaren9005xxugbob6AllAllAll
HardwareSamsungGalaxy S4-AllAllAll
HardwareSamsungGalaxy S4-AllAllAll
Operating
System
SamsungGalaxy S4 Firmwarei9505xxuhoj2AllAllAll
Operating
System
SamsungGalaxy S4 Firmwarei9505xxuhoj2AllAllAll
HardwareSamsungGalaxy S4 Mini-AllAllAll
HardwareSamsungGalaxy S4 Mini-AllAllAll
Operating
System
SamsungGalaxy S4 Mini Firmwarei9192xxubnb1AllAllAll
Operating
System
SamsungGalaxy S4 Mini Firmwarei9192xxubnb1AllAllAll
HardwareSamsungGalaxy S4 Mini Lte-AllAllAll
HardwareSamsungGalaxy S4 Mini Lte-AllAllAll
Operating
System
SamsungGalaxy S4 Mini Lte Firmwarei9195xxucol1AllAllAll
Operating
System
SamsungGalaxy S4 Mini Lte Firmwarei9195xxucol1AllAllAll
HardwareSamsungGalaxy S6-AllAllAll
HardwareSamsungGalaxy S6-AllAllAll
Operating
System
SamsungGalaxy S6 Firmwareg920fxxu2coh2AllAllAll
Operating
System
SamsungGalaxy S6 Firmwareg920fxxu2coh2AllAllAll
  • cpe:2.3:h:samsung:galaxy_note_3:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_note_3:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_note_3_firmware:n9005xxugbob6:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_note_3_firmware:n9005xxugbob6:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s4_firmware:i9505xxuhoj2:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s4_firmware:i9505xxuhoj2:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s4_mini_firmware:i9192xxubnb1:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s4_mini_firmware:i9192xxubnb1:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s4_mini_lte:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s4_mini_lte:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s4_mini_lte_firmware:i9195xxucol1:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s4_mini_lte_firmware:i9195xxucol1:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s6_firmware:g920fxxu2coh2:*:*:*:*:*:*:*:
  • cpe:2.3:o:samsung:galaxy_s6_firmware:g920fxxu2coh2:*:*:*:*:*:*:*: