PT-2016-7459 · Samsung · Samsung Galaxy S5 (+4)

Published 2016-10-31 · Updated 2016-12-02 · CVE-2016-7991

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:C/A:N

Name of the Vulnerable Software and Affected Versions

Samsung Galaxy S series versions S4 through S7

Description

The issue allows remote unsolicited WAP Push SMS messages to be accepted, parsed, and handled by the device, leading to unauthorized configuration changes. This occurs because the "omacp" app ignores security information embedded in the OMACP messages.

Recommendations

For Samsung Galaxy S4 through S7 devices, consider disabling the "omacp" app until a patch is available to prevent unauthorized configuration changes. Restrict access to the device's configuration settings to minimize the risk of exploitation.

Fix

Weakness Enumeration

Related Identifiers

CVE-2016-7991

Affected Products

Samsung Galaxy S4
Samsung Galaxy S5
Samsung Galaxy S6
Samsung Galaxy S7
Omacp