CVE-2019-16256

Name of the Vulnerable Software and Affected Versions SIMalliance Toolbox Browser (aka S@T Browser) versions not specified

Description The issue is related to insecure privilege management in the SIMalliance Toolbox Browser on certain Samsung devices. This could allow a remote attacker to disclose protected information, extract location and IMEI information, or execute specific commands using SIM Toolkit (STK) instructions in an SMS message. The estimated number of potentially affected devices worldwide is not provided. There is no information about real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.