Details of VAR-201610-0206

ID

VAR-201610-0206

CVE

CVE-2016-7991

TITLE

Samsung Galaxy Unapproved on device WAP Push SMS Message acceptance vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-005689

DESCRIPTION

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542. This vulnerability SVE-2016-6542 Is part of Supplementary information : CWE Vulnerability type by CWE-388: Error Handling ( Error handling ) Has been identified. SamsungGalaxyS4 and so on are all smart mobile devices released by South Korea's Samsung. The SamsungGalaxyS4 to S7 device has an unauthorized modification vulnerability. The vulnerability stems from the program's ignoring of security information embedded in OMACP information. The remote attacker can use this vulnerability to receive, parse, and process unknown WAPSushSMS information, resulting in unauthorized modification of configuration information. Multiple Samsung Galaxy products are prone to a security-bypass vulnerability. An attacker may exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. Samsung Galaxy S4 through S7 devices are vulnerable

Trust: 2.43

sources: NVD: CVE-2016-7991 // JVNDB: JVNDB-2016-005689 // CNVD: CNVD-2016-10515 // BID: 94088

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-10515

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	eq	version:	6.0	Trust: 2.7
vendor:	google	model:	android	scope:	eq	version:	4.4	Trust: 2.1
vendor:	google	model:	android	scope:	eq	version:	6.0.1	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	5.1.1	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	5.0.2	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	5.0.1	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	4.4.4	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	4.2.2	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	5.1	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	5.0	Trust: 1.9
vendor:	google	model:	android	scope:	eq	version:	5.1.0	Trust: 1.6
vendor:	google	model:	android	scope:	eq	version:	4.4.3	Trust: 1.3
vendor:	google	model:	android	scope:	eq	version:	4.4.2	Trust: 1.3
vendor:	google	model:	android	scope:	eq	version:	4.4.1	Trust: 1.3
vendor:	google	model:	android	scope:	eq	version:	4.3.1	Trust: 1.3
vendor:	google	model:	android	scope:	eq	version:	4.3	Trust: 1.3
vendor:	google	model:	android	scope:	eq	version:	5.0/5.1	Trust: 0.8
vendor:	samsung	model:	galaxy s4	scope:	-	version:	-	Trust: 0.8
vendor:	samsung	model:	galaxy s4 mini	scope:	-	version:	-	Trust: 0.8
vendor:	samsung	model:	galaxy s5	scope:	-	version:	-	Trust: 0.8
vendor:	samsung	model:	galaxy s6	scope:	-	version:	-	Trust: 0.8
vendor:	samsung	model:	galaxy s7	scope:	-	version:	-	Trust: 0.8
vendor:	samsung	model:	galaxy >=s4,<=s7	scope:	-	version:	-	Trust: 0.6
vendor:	samsung	model:	galaxy s7	scope:	eq	version:	0	Trust: 0.3
vendor:	samsung	model:	galaxy s6 edge	scope:	eq	version:	0	Trust: 0.3
vendor:	samsung	model:	galaxy s6	scope:	eq	version:	0	Trust: 0.3
vendor:	samsung	model:	galaxy s5	scope:	eq	version:	0	Trust: 0.3
vendor:	samsung	model:	galaxy s4 mini	scope:	eq	version:	0	Trust: 0.3
vendor:	samsung	model:	galaxy s4	scope:	eq	version:	0	Trust: 0.3

sources: CNVD: CNVD-2016-10515 // BID: 94088 // JVNDB: JVNDB-2016-005689 // CNNVD: CNNVD-201610-875 // NVD: CVE-2016-7991

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2016-7991
value:	HIGH
Trust: 1.0
NVD:	CVE-2016-7991
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-10515
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201610-875
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2016-7991
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2016-10515
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:C/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	COMPLETE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2016-7991
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	HIGH
availabilityImpact:	NONE
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-10515 // JVNDB: JVNDB-2016-005689 // CNNVD: CNNVD-201610-875 // NVD: CVE-2016-7991

PROBLEMTYPE DATA

problemtype:	CWE-388	Trust: 1.0
problemtype:	CWE-Other	Trust: 0.8

sources: JVNDB: JVNDB-2016-005689 // NVD: CVE-2016-7991

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201610-875

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201610-875

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-005689

PATCH

title:	トップページ	url:	https://www.android.com/intl/ja_jp/	Trust: 0.8
title:	SVE-2016-6542	url:	http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016	Trust: 0.8
title:	SamsungGalaxyS4 to S7 devices have patches for unauthorized modification of vulnerabilities	url:	https://www.cnvd.org.cn/patchInfo/show/83380	Trust: 0.6
title:	Multiple Samsung Galaxy Repair measures for device security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65196	Trust: 0.6

sources: CNVD: CNVD-2016-10515 // JVNDB: JVNDB-2016-005689 // CNNVD: CNNVD-201610-875

EXTERNAL IDS

db:	NVD	id:	CVE-2016-7991	Trust: 3.3
db:	BID	id:	94088	Trust: 1.3
db:	JVNDB	id:	JVNDB-2016-005689	Trust: 0.8
db:	CNVD	id:	CNVD-2016-10515	Trust: 0.6
db:	CNNVD	id:	CNNVD-201610-875	Trust: 0.6

sources: CNVD: CNVD-2016-10515 // BID: 94088 // JVNDB: JVNDB-2016-005689 // CNNVD: CNNVD-201610-875 // NVD: CVE-2016-7991

REFERENCES

url:	http://security.samsungmobile.com/smrupdate.html#smr-aug-2016	Trust: 1.9
url:	http://www.securityfocus.com/bid/94088	Trust: 1.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-7991	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-7991	Trust: 0.8
url:	http://security.samsungmobile.com/smrupdate.html#smr	Trust: 0.6
url:	http://www.samsung.com/	Trust: 0.3

sources: CNVD: CNVD-2016-10515 // BID: 94088 // JVNDB: JVNDB-2016-005689 // CNNVD: CNNVD-201610-875 // NVD: CVE-2016-7991

CREDITS

Tom Court of Context.

Trust: 0.3

sources: BID: 94088

SOURCES

db:	CNVD	id:	CNVD-2016-10515
db:	BID	id:	94088
db:	JVNDB	id:	JVNDB-2016-005689
db:	CNNVD	id:	CNNVD-201610-875
db:	NVD	id:	CVE-2016-7991

LAST UPDATE DATE

2024-11-23T21:54:26.715000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-10515	date:	2016-11-02T00:00:00
db:	BID	id:	94088	date:	2016-11-24T01:07:00
db:	JVNDB	id:	JVNDB-2016-005689	date:	2016-11-04T00:00:00
db:	CNNVD	id:	CNNVD-201610-875	date:	2016-11-01T00:00:00
db:	NVD	id:	CVE-2016-7991	date:	2024-11-21T02:58:51.723

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-10515	date:	2016-11-02T00:00:00
db:	BID	id:	94088	date:	2016-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2016-005689	date:	2016-11-04T00:00:00
db:	CNNVD	id:	CNNVD-201610-875	date:	2016-10-31T00:00:00
db:	NVD	id:	CVE-2016-7991	date:	2016-10-31T10:59:08.147