CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-16256

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score85.8680%
EPSS Percentile98.32th
Published2019年9月12日
Last Modified2025年11月12日

Vulnerability Description

Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker.

Affected Platforms (CPE)

📦
Trustedconnectivityalliance

S\@t Browser

All versions

References & Advisories

🔗 https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile
🔗 https://www.adaptivemobile.com/blog/simjacker-next-generation-spying-over-mobile
🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16256

相關漏洞威脅

CVE-2021-2289310.0

Pulse Connect Secure 9.0R3/9.1R1 and higher is vulnerable to an authentication bypass vulnerability exposed by the Windows File Sh...

CVE-2021-3267110.0

Flarum is a forum software for building communities. Flarum's translation system allowed for string inputs to be converted into HT...

CVE-2019-1302010.0

The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI/v0/fetch?url= SSRF. This has two potential areas for abuse....

CVE-2021-2015110.0

Trendnet AC2600 TEW-827DRU version 2.08B01 contains a flaw in the session management for the device. The router's management softw...