CVE-2016-4032

MEDIUM Year: 2016
CVSS v3 Score
4.6
Medium
CVSS v2 Score
2.1
Low
Weakness Type
CWE-284
View all →

Vulnerability Description

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices do not block AT+USBDEBUG and AT+WIFIVALUE, which allows attackers to modify Android settings by leveraging AT access, aka SVE-2016-5301.

Related Vulnerabilities

CVE-2015-8512

MEDIUM
CVSS:4.6(Medium)

The lockscreen feature in Mozilla Firefox OS before 2.5 does not properly restrict failed authentication attempts, which makes it easier for physically proximate attackers to obtain access by entering...

CWE-2842015

CVE-2016-6769

MEDIUM
CVSS:4.6(Medium)

An elevation of privilege vulnerability in Smart Lock could enable a local malicious user to access Smart Lock settings without a PIN. This issue is rated as Moderate because it first requires physica...

CWE-2842016

CVE-2022-25831

MEDIUM
CVSS:4.6(Medium)

Improper access control vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical attackers to access secured data in certain conditions.

CWE-2842022

CVE-2022-36851

MEDIUM
CVSS:4.6(Medium)

Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device.

CWE-2842022

CVE-2022-39900

MEDIUM
CVSS:4.6(Medium)

Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder th...

CWE-2842022

CVE-2023-2202

MEDIUM
CVSS:4.6(Medium)

Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3.

CWE-2842023