Vulnerability Details : CVE-2019-16400
Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G955USQU5CRG3, Baseband Vendor: Qualcomm Snapdragon 835, Baseband: G955USQU5CRG3), Samsung Galaxy S3 (Android version: 4.3, Build Number: JSS15J.I9300XXUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: I9300XXUGNA8), and Samsung Galaxy Note 2 (Android version: 4.3, Build Number: JSS15J.I9300XUGND5, Baseband Vendor: Samsung Exynos 4412, Baseband: N7100DDUFND1) devices allow attackers to send AT commands over Bluetooth, resulting in several Denial of Service (DoS) attacks.
Vulnerability category: Denial of service
Products affected by CVE-2019-16400
- cpe:2.3:o:samsung:galaxy_s3_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:galaxy_s8_plus_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:samsung:galaxy_note_2_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-16400
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 21 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-16400
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
3.3
|
LOW | AV:A/AC:L/Au:N/C:N/I:N/A:P |
6.5
|
2.9
|
NIST | |
6.5
|
MEDIUM | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.8
|
3.6
|
NIST |
References for CVE-2019-16400
-
https://www.openconf.org/acsac2019/modules/request.php?module=oc_program&action=summary.php&id=210
ACSAC2019 - OpenConf Peer Review & Conference Management SystemThird Party Advisory
Jump to