2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
2.1 Low
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
0.001 Low
EPSS
Percentile
23.9%
internal/telephony/SMSDispatcher.java in Android 4.x before 4.4.4, 5.0.x
before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-09-01, and 7.0 before
2016-09-01 allows physically proximate attackers to bypass the Factory
Reset Protection protection mechanism, and send premium SMS messages during
the Setup Wizard provisioning stage, via unspecified vectors, aka internal
bug 29420123.
source.android.com/security/bulletin/2016-09-01.html
android.googlesource.com/platform/frameworks/opt/telephony/+/b8d1aee993dcc565e6576b2f2439a8f5a507cff6
launchpad.net/bugs/cve/CVE-2016-3888
nvd.nist.gov/vuln/detail/CVE-2016-3888
security-tracker.debian.org/tracker/CVE-2016-3888
www.cve.org/CVERecord?id=CVE-2016-3888
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:N/I:P/A:N
2.1 Low
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
0.001 Low
EPSS
Percentile
23.9%