CVE-2016-7991
Published Oct 31, 2016
Last updated 8 years ago
Overview
- Description
- On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 6.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:C/A:N
Weaknesses
- nvd@nist.gov
- CWE-388
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "49413FF7-7910-4F74-B106-C3170612CB2A"
},
{
"criteria": "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A2467F65-A3B7-4E45-A9A5-E5A6EFD99D7B"
},
{
"criteria": "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A8882E50-7C49-4A99-91F2-DF979CF8BB2F"
},
{
"criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA"
},
{
"criteria": "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8FC0FCEA-0B3D-43C1-AB62-4F9C880B4CA1"
},
{
"criteria": "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EC75ED04-B8C7-4CC0-AC64-AE2D9E0CDF5D"
},
{
"criteria": "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FC13D3EE-CC89-4883-8E3D-3FE25FB8CF42"
},
{
"criteria": "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3CEEA22-63B4-4702-A400-01349DF0EC1E"
},
{
"criteria": "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7C4E6353-B77A-464F-B7DE-932704003B33"
},
{
"criteria": "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "77125688-2CCA-4990-ABB2-551D47CB0CDD"
},
{
"criteria": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9915371-C730-41F7-B86E-7E4DE0DF5385"
},
{
"criteria": "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7A8EC00-266C-409B-AD43-18E8DFCD6FE3"
},
{
"criteria": "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B846C63A-7261-481E-B4A4-0D8C79E0D8A7"
},
{
"criteria": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B1D94CDD-DE7B-444E-A3AE-AE9C9A779374"
},
{
"criteria": "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E70C6D8D-C9C3-4D92-8DFC-71F59E068295"
},
{
"criteria": "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "691FA41B-C2CE-413F-ABB1-0B22CB322807"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:samsung:galaxy_s4:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "717D895C-E64D-4E0E-9F4A-9B191E6388B6"
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s4_mini:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "721FDF15-999F-42C1-90C2-4708C6DB98B1"
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s5:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "7060E1BD-9FFF-4D74-A2EE-20ABB447EA23"
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "E9C84354-75A3-4E55-A2D0-C0783AF36B37"
},
{
"criteria": "cpe:2.3:h:samsung:galaxy_s7:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F54653E7-88CD-4AA3-A2CD-BA0B116955F1"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]