CVE-2016-6527

Name of the Vulnerable Software and Affected Versions Samsung Mobile Telecom application (affected versions not specified) Samsung Note device versions 5.0/5.1 through 6.0

Description The issue is related to insufficient access control in the SmartCall Activity component of the Telecom application. It may allow a remote attacker to cause a denial of service, resulting in a crash and reboot, or possibly gain privileges. This can be achieved via a malformed serializable object.

Recommendations For Samsung Note device versions 5.0/5.1 through 6.0, consider restricting access to the SmartCall Activity component until a fix is available. As a temporary workaround, avoid using the Telecom application on affected devices until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.