Описание
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- US Government Resource
Уязвимые конфигурации
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.
Уязвимость браузера SIMalliance Toolbox устройств Samsung, позволяющая нарушителю раскрыть защищаемую информацию и извлекать информацию о местоположении и IMEI или выполнять определенные команды
EPSS
9.8 Critical
CVSS3
7.5 High
CVSS2