CVE-2016-11025

Name of the Vulnerable Software and Affected Versions: Samsung mobile devices with software through 2016-09-13

Description: An issue was discovered in the OTP service of Samsung mobile devices, specifically those with Exynos AP chipsets. This issue involves a memcpy heap-based buffer overflow.

Recommendations: For Samsung mobile devices with software through 2016-09-13, consider restricting access to the OTP service until a patch is available. As a temporary workaround, disabling the OTP service may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.