MEDIUM · 4.6

CVE-2016-4032

Vulnerability Description

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.

CVSS Score

4.6

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector: PHYSICAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: NONE
Integrity: HIGH
Availability: NONE

Affected Products

Vendor | Product | Versions
Samsung | Galaxy S6 Firmware | g920fxxu2coh2
Samsung | Galaxy S6 | -
Samsung | Galaxy Note 3 Firmware | n9005xxugbob6
Samsung | Galaxy Note 3 | -
Samsung | Galaxy S4 Mini Firmware | i9192xxubnb1
Samsung | Galaxy S4 Mini | -
Samsung | Galaxy S4 Mini Lte Firmware | i9195xxucol1
Samsung | Galaxy S4 Mini Lte | -
Samsung | Galaxy S4 Firmware | i9505xxuhoj2
Samsung | Galaxy S4 | -

Related Weaknesses (CWE)

References

FAQ

What is CVE-2016-4032?

CVE-2016-4032 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I...

How severe is CVE-2016-4032?

CVE-2016-4032 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-4032?

Check the references section above for vendor advisories and patch information. Affected products include: Samsung Galaxy S6 Firmware, Samsung Galaxy S6, Samsung Galaxy Note 3 Firmware, Samsung Galaxy Note 3, Samsung Galaxy S4 Mini Firmware.