Vulnerability Description
Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Galaxy S8 Plus Firmware | - |
| Samsung | Galaxy S8 Plus | - |
| Samsung | Galaxy S3 Firmware | - |
| Samsung | Galaxy S3 | - |
| Samsung | Galaxy Note 2 Firmware | - |
| Samsung | Galaxy Note 2 | - |
References
- https://www.openconf.org/acsac2019/modules/request.php?module=oc_program&action=Third Party Advisory
- https://www.openconf.org/acsac2019/modules/request.php?module=oc_program&action=Third Party Advisory
FAQ
What is CVE-2019-16400?
CVE-2019-16400 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Nu...
How severe is CVE-2019-16400?
CVE-2019-16400 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-16400?
Check the references section above for vendor advisories and patch information. Affected products include: Samsung Galaxy S8 Plus Firmware, Samsung Galaxy S8 Plus, Samsung Galaxy S3 Firmware, Samsung Galaxy S3, Samsung Galaxy Note 2 Firmware.