CVE Vulnerability
CVE-2019-16401
Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow injection of AT+CIMI and AT+CGSN over Bluetooth, leaking sensitive information such as IMSI, IMEI, call status, call setup stage, internet service status, signal strength, current roaming status, battery level, and call held status.
References
| Link | Resource |
|---|---|
| https://www.openconf.org/acsac2019/modules/request.php?module=oc_program&action=summary.php&id=210 | Third Party Advisory |
Configurations
Configuration 1
|
|
Information
Published : 2019-11-06 11:15
Updated : 2020-08-24 05:37
NVD link : CVE-2019-16401
Mitre link : CVE-2019-16401
Products Affected
CWE