Unsolicited Configuration Messages Vulnerability on Samsung Galaxy S4 through S7 Devices

Unsolicited Configuration Messages Vulnerability on Samsung Galaxy S4 through S7 Devices

CVE-2016-7988 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:N/A:C

On Samsung Galaxy S4 through S7 devices, absence of permissions on the BroadcastReceiver responsible for handling the com.[Samsung].android.intent.action.SET_WIFI intent leads to unsolicited configuration messages being handled by wifi-service.jar within the Android Framework, a subset of SVE-2016-6542.

Learn more about our Cis Benchmark Audit For Google Android.