PT-2016-2942 · Samsung · Samsung Note+1
Published
2016-12-16
·
Updated
2016-12-22
·
CVE-2016-9966
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Samsung Note devices with L(5.0/5.1) software
Samsung Note devices with M(6.0) software
Samsung Note devices with N(7.0) software
Description
The issue is related to a lack of proper exception handling in some receivers of the Telecom application on Samsung devices. This can be exploited by attackers to crash the system, potentially leading to a Denial of Service (DoS) attack, or possibly gain privileges.
Recommendations
For Samsung Note devices with L(5.0/5.1) software, update the Telecom application to a version that includes proper exception handling.
For Samsung Note devices with M(6.0) software, update the Telecom application to a version that includes proper exception handling.
For Samsung Note devices with N(7.0) software, update the Telecom application to a version that includes proper exception handling.
As a temporary workaround, consider restricting access to the Telecom application until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Samsung Note
Telecom