CVE-2016-4030

Name: CVE-2016-4030
Creator: NVD / NIST
Published: 2017-04-13T16:59:01.177+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.51%

Last modified Jun 17, 2026

CVE-2016-4030 is a vulnerability of currently unknown severity. Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.. EPSS estimates a 0.51% chance of exploitation in the next 30 days.

Description

Samsung SM-G920F build G920FXXU2COH2 (Galaxy S6), SM-N9005 build N9005XXUGBOK6 (Galaxy Note 3), GT-I9192 build I9192XXUBNB1 (Galaxy S4 mini), GT-I9195 build I9195XXUCOL1 (Galaxy S4 mini LTE), and GT-I9505 build I9505XXUHOJ2 (Galaxy S4) devices have unintended availability of the modem in USB configuration number 2 within the secure lockscreen state, allowing an attacker to make phone calls, send text messages, or issue commands, aka SVE-2016-5301.

Metrics

EPSS Probability

0.51%

39.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-284

Affected Software

Vendor	Product	Versions
Samsung	Galaxy S6 Firmware	g920fxxu2coh2
Samsung	Galaxy Note 3 Firmware	n9005xxugbob6
Samsung	Galaxy S4 Mini Firmware	i9192xxubnb1
Samsung	Galaxy S4 Mini Lte Firmware	i9195xxucol1
Samsung	Galaxy S4 Firmware	i9505xxuhoj2

References

http://www.securityfocus.com/bid/97701Third Party Advisory, VDB Entry
https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004Exploit, Technical Description, Third Party Advisory
http://www.securityfocus.com/bid/97701Third Party Advisory, VDB Entry
https://github.com/ud2/advisories/tree/master/android/samsung/nocve-2016-0004Exploit, Technical Description, Third Party Advisory

Timeline

Published: Apr 13, 2017
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2016-4030?

How severe is CVE-2016-4030?

Severity scoring for CVE-2016-4030 is pending analysis. The EPSS model estimates a 0.51% probability of exploitation in the next 30 days.

How do I fix CVE-2016-4030?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2016-4030?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST