CVE-2016-7988

No Permissions on SET_WIFI Broadcast receiver

Publish date

August 2016

Identifier

CVE-2016-7988

Manufacturer

Samsung

Product

Android

Patched

http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016

Authors

Tom Court

Description

On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7988

 

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider