An access control error vulnerability exists in Samsung TelephonyUI, a Telephony service for Samsung mobile devices in South Korea that provides support for the Telephony Application Programming Interface (TAPI). The vulnerability stems from a lack of proper permission checking in TelephonyUI, which could be exploited by an attacker to change the preferred network type via an unprotected binding call.