CVE-2016-9567

Name of the Vulnerable Software and Affected Versions Samsung Mobile S7 devices with M(6.0) software

Description The issue affects the mDNIe system service, which does not properly restrict setmDNIeScreenCurtain API calls. This enables attackers to control a device's screen, potentially allowing them to eavesdrop after phone shutdown or record conversations via a crafted application.

Recommendations For Samsung Mobile S7 devices with M(6.0) software, consider restricting access to the setmDNIeScreenCurtain API until a patch is available. As a temporary workaround, disabling the mDNIe system service may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.